Diffstat (limited to 'dns.c')
-rw-r--r-- | dns.c | 33 |
1 files changed, 29 insertions, 4 deletions
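--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $ */
+/* $OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $ */
 
 /*
 * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -43,7 +43,7 @@
 #include "uuencode.h"
 
 extern char *__progname;
-RCSID("$OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $");
+RCSID("$OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $");
 
 #ifndef LWRES
 static const char *errset_text[] = {
@@ -142,6 +142,26 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
 return success;
 }
 
+/*
+* Check if hostname is numerical.
+* Returns -1 if hostname is numeric, 0 otherwise
+*/
+static int
+is_numeric_hostname(const char *hostname)
+{
+struct addrinfo hints, *ai;
+
+memset(&hints, 0, sizeof(hints));
+hints.ai_socktype = SOCK_DGRAM;
+hints.ai_flags = AI_NUMERICHOST;
+
+if (getaddrinfo(hostname, "0", &hints, &ai) == 0) {
+freeaddrinfo(ai);
+return -1;
+}
+
+return 0;
+}
 
 /*
 * Verify the given hostname, address and host key using DNS.
@@ -151,7 +171,7 @@ int
 verify_host_key_dns(const char *hostname, struct sockaddr *address,
 const Key *hostkey, int *flags)
 {
-int counter;
+u_int counter;
 int result;
 struct rrsetinfo *fingerprints = NULL;
 
@@ -171,6 +191,11 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
 if (hostkey == NULL)
 fatal("No key to look up!");
 
+if (is_numeric_hostname(hostname)) {
+debug("skipped DNS lookup for numerical hostname");
+return -1;
+}
+
 result = getrrsetbyname(hostname, DNS_RDATACLASS_IN,
 DNS_RDATATYPE_SSHFP, 0, &fingerprints);
 if (result) {
@@ -249,7 +274,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic)
 u_char *rdata_digest;
 u_int rdata_digest_len;
 
-int i;
+u_int i;
 int success = 0;
 
 if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type,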
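Review bot: The early `return -1` added after the `is_numeric_hostname(hostname)` check in verify_host_key_dns uses the same value as a failed lookup, and the hunk does not show whether `*flags` has been cleared by then. The lines between the function's opening and this check are outside the hunk, so confirm there that `*flags` is reset before any return; otherwise a caller reading it after -1 sees whatever it passed in. Separately, is_numeric_hostname returns -1 for "yes" but is used as a truth value, which reads like an error code; returning 1 and documenting it as `Returns 1 if hostname is a numeric address, 0 otherwise` would be clearer. Any getaddrinfo() failure, not only a non-numeric name, falls through to the SSHFP lookup, which looks intended but deserves a one-line comment in the helper.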