From 4abde771b73f3a54780ff3dedf59f57f94298870 Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@zip.com.au>
Date: Sat, 29 Dec 2007 02:43:51 +1100
Subject:    - dtucker@cvs.openbsd.org 2007/12/27 14:22:08      [servconf.c
 canohost.c misc.c channels.c sshconnect.c misc.h ssh-keyscan.c      sshd.c]  
    Add a small helper function to consistently handle the EAI_SYSTEM error   
   code of getaddrinfo.  Prompted by vgiffin at apple com via bz #1417.     
 ok markus@ stevesk@

---
 canohost.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'canohost.c')

diff --git a/canohost.c b/canohost.c
index 2345cc35c..8270500d3 100644
--- a/canohost.c
+++ b/canohost.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: canohost.c,v 1.61 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: canohost.c,v 1.62 2007/12/27 14:22:08 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -32,6 +32,7 @@
 #include "packet.h"
 #include "log.h"
 #include "canohost.h"
+#include "misc.h"
 
 static void check_ip_options(int, char *);
 
@@ -271,7 +272,7 @@ get_socket_address(int sock, int remote, int flags)
 	if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
 	    sizeof(ntop), NULL, 0, flags)) != 0) {
 		error("get_socket_address: getnameinfo %d failed: %s", flags,
-		    r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r));
+		    ssh_gai_strerror(r));
 		return NULL;
 	}
 	return xstrdup(ntop);
@@ -372,7 +373,7 @@ get_sock_port(int sock, int local)
 	if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0,
 	    strport, sizeof(strport), NI_NUMERICSERV)) != 0)
 		fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed: %s",
-		    r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r));
+		    ssh_gai_strerror(r));
 	return atoi(strport);
 }
 
-- 
cgit v1.2.3


From 30ac73bcc2b2fa7b997cb572e5b03ea9107b7641 Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@zip.com.au>
Date: Fri, 13 Jun 2008 04:46:45 +1000
Subject:    - dtucker@cvs.openbsd.org 2008/06/12 00:03:49      [dns.c
 canohost.c sshconnect.c]      Do not pass "0" strings as ports to getaddrinfo
 because the lookups      can slow things down and we never use the service
 info anyway. bz      #859, patch from YOSHIFUJI Hideaki and John
 Devitofranceschi.  ok      deraadt@ djm@      djm belives that the reason for
 the "0" strings is to ensure that      it's not possible to call getaddrinfo
 with both host and port being      NULL.  In the case of canohost.c host is a
 local array.  In the      case of sshconnect.c, it's checked for null
 immediately before use.      In dns.c it ultimately comes from ssh.c:main()
 and is guaranteed to      be non-null but it's not obvious, so I added a
 warning message in      case it is ever passed a null.

---
 canohost.c   |  4 ++--
 dns.c        | 13 +++++++++++--
 sshconnect.c |  4 ++--
 3 files changed, 15 insertions(+), 6 deletions(-)

(limited to 'canohost.c')

diff --git a/canohost.c b/canohost.c
index 8270500d3..42011fd0a 100644
--- a/canohost.c
+++ b/canohost.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: canohost.c,v 1.62 2007/12/27 14:22:08 dtucker Exp $ */
+/* $OpenBSD: canohost.c,v 1.63 2008/06/12 00:03:49 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -89,7 +89,7 @@ get_remote_hostname(int sock, int use_dns)
 	memset(&hints, 0, sizeof(hints));
 	hints.ai_socktype = SOCK_DGRAM;	/*dummy*/
 	hints.ai_flags = AI_NUMERICHOST;
-	if (getaddrinfo(name, "0", &hints, &ai) == 0) {
+	if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
 		logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
 		    name, ntop);
 		freeaddrinfo(ai);
diff --git a/dns.c b/dns.c
index a89176f88..a7da03fa3 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.24 2007/01/03 03:01:40 stevesk Exp $ */
+/* $OpenBSD: dns.c,v 1.25 2008/06/12 00:03:49 dtucker Exp $ */
 
 /*
  * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -145,11 +145,20 @@ is_numeric_hostname(const char *hostname)
 {
 	struct addrinfo hints, *ai;
 
+	/*
+	 * We shouldn't ever get a null host but if we do then log an error
+	 * and return -1 which stops DNS key fingerprint processing.
+	 */
+	if (hostname == NULL) {
+		error("is_numeric_hostname called with NULL hostname");
+		return -1;
+	}
+
 	memset(&hints, 0, sizeof(hints));
 	hints.ai_socktype = SOCK_DGRAM;
 	hints.ai_flags = AI_NUMERICHOST;
 
-	if (getaddrinfo(hostname, "0", &hints, &ai) == 0) {
+	if (getaddrinfo(hostname, NULL, &hints, &ai) == 0) {
 		freeaddrinfo(ai);
 		return -1;
 	}
diff --git a/sshconnect.c b/sshconnect.c
index 151299614..0a4bf36b6 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.204 2008/06/11 21:01:35 grunk Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.205 2008/06/12 00:03:49 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -221,7 +221,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
 	hints.ai_socktype = ai->ai_socktype;
 	hints.ai_protocol = ai->ai_protocol;
 	hints.ai_flags = AI_PASSIVE;
-	gaierr = getaddrinfo(options.bind_address, "0", &hints, &res);
+	gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res);
 	if (gaierr) {
 		error("getaddrinfo: %s: %s", options.bind_address,
 		    ssh_gai_strerror(gaierr));
-- 
cgit v1.2.3