diff options
Diffstat (limited to 'dns.c')
| -rw-r--r-- | dns.c | 33 |
1 files changed, 29 insertions, 4 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $ */ | 1 | /* $OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. | 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. |
| @@ -43,7 +43,7 @@ | |||
| 43 | #include "uuencode.h" | 43 | #include "uuencode.h" |
| 44 | 44 | ||
| 45 | extern char *__progname; | 45 | extern char *__progname; |
| 46 | RCSID("$OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $"); | 46 | RCSID("$OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $"); |
| 47 | 47 | ||
| 48 | #ifndef LWRES | 48 | #ifndef LWRES |
| 49 | static const char *errset_text[] = { | 49 | static const char *errset_text[] = { |
| @@ -142,6 +142,26 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, | |||
| 142 | return success; | 142 | return success; |
| 143 | } | 143 | } |
| 144 | 144 | ||
| 145 | /* | ||
| 146 | * Check if hostname is numerical. | ||
| 147 | * Returns -1 if hostname is numeric, 0 otherwise | ||
| 148 | */ | ||
| 149 | static int | ||
| 150 | is_numeric_hostname(const char *hostname) | ||
| 151 | { | ||
| 152 | struct addrinfo hints, *ai; | ||
| 153 | |||
| 154 | memset(&hints, 0, sizeof(hints)); | ||
| 155 | hints.ai_socktype = SOCK_DGRAM; | ||
| 156 | hints.ai_flags = AI_NUMERICHOST; | ||
| 157 | |||
| 158 | if (getaddrinfo(hostname, "0", &hints, &ai) == 0) { | ||
| 159 | freeaddrinfo(ai); | ||
| 160 | return -1; | ||
| 161 | } | ||
| 162 | |||
| 163 | return 0; | ||
| 164 | } | ||
| 145 | 165 | ||
| 146 | /* | 166 | /* |
| 147 | * Verify the given hostname, address and host key using DNS. | 167 | * Verify the given hostname, address and host key using DNS. |
| @@ -151,7 +171,7 @@ int | |||
| 151 | verify_host_key_dns(const char *hostname, struct sockaddr *address, | 171 | verify_host_key_dns(const char *hostname, struct sockaddr *address, |
| 152 | const Key *hostkey, int *flags) | 172 | const Key *hostkey, int *flags) |
| 153 | { | 173 | { |
| 154 | int counter; | 174 | u_int counter; |
| 155 | int result; | 175 | int result; |
| 156 | struct rrsetinfo *fingerprints = NULL; | 176 | struct rrsetinfo *fingerprints = NULL; |
| 157 | 177 | ||
| @@ -171,6 +191,11 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, | |||
| 171 | if (hostkey == NULL) | 191 | if (hostkey == NULL) |
| 172 | fatal("No key to look up!"); | 192 | fatal("No key to look up!"); |
| 173 | 193 | ||
| 194 | if (is_numeric_hostname(hostname)) { | ||
| 195 | debug("skipped DNS lookup for numerical hostname"); | ||
| 196 | return -1; | ||
| 197 | } | ||
| 198 | |||
| 174 | result = getrrsetbyname(hostname, DNS_RDATACLASS_IN, | 199 | result = getrrsetbyname(hostname, DNS_RDATACLASS_IN, |
| 175 | DNS_RDATATYPE_SSHFP, 0, &fingerprints); | 200 | DNS_RDATATYPE_SSHFP, 0, &fingerprints); |
| 176 | if (result) { | 201 | if (result) { |
| @@ -249,7 +274,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic) | |||
| 249 | u_char *rdata_digest; | 274 | u_char *rdata_digest; |
| 250 | u_int rdata_digest_len; | 275 | u_int rdata_digest_len; |
| 251 | 276 | ||
| 252 | int i; | 277 | u_int i; |
| 253 | int success = 0; | 278 | int success = 0; |
| 254 | 279 | ||
| 255 | if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, | 280 | if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, |