diff options
Diffstat (limited to 'sshconnect.c')
| -rw-r--r-- | sshconnect.c | 48 |
1 files changed, 36 insertions, 12 deletions
diff --git a/sshconnect.c b/sshconnect.c index 60b16a247..3397d6c06 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
| @@ -13,7 +13,7 @@ | |||
| 13 | */ | 13 | */ |
| 14 | 14 | ||
| 15 | #include "includes.h" | 15 | #include "includes.h" |
| 16 | RCSID("$OpenBSD: sshconnect.c,v 1.104 2001/04/12 19:15:25 markus Exp $"); | 16 | RCSID("$OpenBSD: sshconnect.c,v 1.105 2001/04/30 11:18:52 markus Exp $"); |
| 17 | 17 | ||
| 18 | #include <openssl/bn.h> | 18 | #include <openssl/bn.h> |
| 19 | 19 | ||
| @@ -147,7 +147,8 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw, | |||
| 147 | int | 147 | int |
| 148 | ssh_create_socket(struct passwd *pw, int privileged, int family) | 148 | ssh_create_socket(struct passwd *pw, int privileged, int family) |
| 149 | { | 149 | { |
| 150 | int sock; | 150 | int sock, gaierr; |
| 151 | struct addrinfo hints, *res; | ||
| 151 | 152 | ||
| 152 | /* | 153 | /* |
| 153 | * If we are running as root and want to connect to a privileged | 154 | * If we are running as root and want to connect to a privileged |
| @@ -160,17 +161,40 @@ ssh_create_socket(struct passwd *pw, int privileged, int family) | |||
| 160 | error("rresvport: af=%d %.100s", family, strerror(errno)); | 161 | error("rresvport: af=%d %.100s", family, strerror(errno)); |
| 161 | else | 162 | else |
| 162 | debug("Allocated local port %d.", p); | 163 | debug("Allocated local port %d.", p); |
| 163 | } else { | 164 | return sock; |
| 164 | /* | 165 | } |
| 165 | * Just create an ordinary socket on arbitrary port. We use | 166 | /* |
| 166 | * the user's uid to create the socket. | 167 | * Just create an ordinary socket on arbitrary port. We use |
| 167 | */ | 168 | * the user's uid to create the socket. |
| 168 | temporarily_use_uid(pw); | 169 | */ |
| 169 | sock = socket(family, SOCK_STREAM, 0); | 170 | temporarily_use_uid(pw); |
| 170 | if (sock < 0) | 171 | sock = socket(family, SOCK_STREAM, 0); |
| 171 | error("socket: %.100s", strerror(errno)); | 172 | if (sock < 0) |
| 172 | restore_uid(); | 173 | error("socket: %.100s", strerror(errno)); |
| 174 | restore_uid(); | ||
| 175 | |||
| 176 | /* Bind the socket to an alternative local IP address */ | ||
| 177 | if (options.bind_address == NULL) | ||
| 178 | return sock; | ||
| 179 | |||
| 180 | memset(&hints, 0, sizeof(hints)); | ||
| 181 | hints.ai_family = IPv4or6; | ||
| 182 | hints.ai_socktype = SOCK_STREAM; | ||
| 183 | hints.ai_flags = AI_PASSIVE; | ||
| 184 | gaierr = getaddrinfo(options.bind_address, "0", &hints, &res); | ||
| 185 | if (gaierr) { | ||
| 186 | error("getaddrinfo: %s: %s", options.bind_address, | ||
| 187 | gai_strerror(gaierr)); | ||
| 188 | close(sock); | ||
| 189 | return -1; | ||
| 190 | } | ||
| 191 | if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) { | ||
| 192 | error("bind: %s: %s", options.bind_address, strerror(errno)); | ||
| 193 | close(sock); | ||
| 194 | freeaddrinfo(res); | ||
| 195 | return -1; | ||
| 173 | } | 196 | } |
| 197 | freeaddrinfo(res); | ||
| 174 | return sock; | 198 | return sock; |
| 175 | } | 199 | } |
| 176 | 200 | ||