- (djm) OpenBSD CVS Sync:
- markus@cvs.openbsd.org 2001/01/29 12:42:35
[canohost.c canohost.h channels.c clientloop.c]
add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
diff --git a/ChangeLog b/ChangeLog
index ce08540..250ab58 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@
- markus@cvs.openbsd.org 2001/01/29 09:55:37
[channels.c channels.h clientloop.c serverloop.c]
fix select overflow; ok deraadt@ and stevesk@
+ - markus@cvs.openbsd.org 2001/01/29 12:42:35
+ [canohost.c canohost.h channels.c clientloop.c]
+ add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
20000129
- (stevesk) sftp-server.c: use %lld vs. %qd
diff --git a/canohost.c b/canohost.c
index 9fa33c2..f3a6593 100644
--- a/canohost.c
+++ b/canohost.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: canohost.c,v 1.18 2001/01/21 19:05:45 markus Exp $");
+RCSID("$OpenBSD: canohost.c,v 1.19 2001/01/29 19:42:33 markus Exp $");
#include "packet.h"
#include "xmalloc.h"
@@ -188,6 +188,34 @@
}
/*
+ * Returns the remote IP-address of socket as a string. The returned
+ * string must be freed.
+ */
+
+char *
+get_peer_ipaddr(int socket)
+{
+ struct sockaddr_storage from;
+ socklen_t fromlen;
+ char ntop[NI_MAXHOST];
+
+ /* Get IP address of client. */
+ fromlen = sizeof(from);
+ memset(&from, 0, sizeof(from));
+ if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) {
+ debug("get_peer_ipaddr: getpeername failed: %.100s", strerror(errno));
+ return NULL;
+ }
+ /* Get the IP address in ascii. */
+ if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop),
+ NULL, 0, NI_NUMERICHOST) != 0) {
+ error("get_peer_ipaddr: getnameinfo NI_NUMERICHOST failed");
+ return NULL;
+ }
+ return xstrdup(ntop);
+}
+
+/*
* Returns the IP-address of the remote host as a string. The returned
* string must not be freed.
*/
@@ -196,38 +224,19 @@
get_remote_ipaddr()
{
static char *canonical_host_ip = NULL;
- struct sockaddr_storage from;
- socklen_t fromlen;
- int socket;
- char ntop[NI_MAXHOST];
- /* Check whether we have chached the name. */
- if (canonical_host_ip != NULL)
- return canonical_host_ip;
-
- /* If not a socket, return UNKNOWN. */
- if (!packet_connection_is_on_socket()) {
- canonical_host_ip = xstrdup("UNKNOWN");
- return canonical_host_ip;
+ /* Check whether we have cached the ipaddr. */
+ if (canonical_host_ip == NULL) {
+ if (packet_connection_is_on_socket()) {
+ canonical_host_ip =
+ get_peer_ipaddr(packet_get_connection_in());
+ if (canonical_host_ip == NULL)
+ fatal_cleanup();
+ } else {
+ /* If not on socket, return UNKNOWN. */
+ canonical_host_ip = xstrdup("UNKNOWN");
+ }
}
- /* Get client socket. */
- socket = packet_get_connection_in();
-
- /* Get IP address of client. */
- fromlen = sizeof(from);
- memset(&from, 0, sizeof(from));
- if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) {
- debug("getpeername failed: %.100s", strerror(errno));
- fatal_cleanup();
- }
- /* Get the IP address in ascii. */
- if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop),
- NULL, 0, NI_NUMERICHOST) != 0)
- fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
-
- canonical_host_ip = xstrdup(ntop);
-
- /* Return ip address string. */
return canonical_host_ip;
}
diff --git a/canohost.h b/canohost.h
index ba04c59..982ec59 100644
--- a/canohost.h
+++ b/canohost.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: canohost.h,v 1.2 2001/01/29 01:58:15 niklas Exp $ */
+/* $OpenBSD: canohost.h,v 1.3 2001/01/29 19:42:35 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -25,12 +25,13 @@
const char *get_canonical_hostname(void);
/*
- * Returns the remote IP address as an ascii string. The value need not be
- * freed by the caller.
+ * Returns the IP-address of the remote host as a string. The returned
+ * string must not be freed.
*/
const char *get_remote_ipaddr(void);
-/* Returns the port number of the peer of the socket. */
+/* Returns the ipaddr/port number of the peer of the socket. */
+char * get_peer_ipaddr(int socket);
int get_peer_port(int sock);
/* Returns the port number of the remote/local host. */
diff --git a/channels.c b/channels.c
index 6aafc3d..82a2db0 100644
--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.84 2001/01/29 16:55:36 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.85 2001/01/29 19:42:35 markus Exp $");
#include <openssl/rsa.h>
#include <openssl/dsa.h>
@@ -546,7 +546,7 @@
struct sockaddr addr;
int newsock, newch;
socklen_t addrlen;
- char buf[16384], *remote_hostname;
+ char buf[16384], *remote_ipaddr;
int remote_port;
if (FD_ISSET(c->sock, readset)) {
@@ -557,10 +557,10 @@
error("accept: %.100s", strerror(errno));
return;
}
- remote_hostname = get_remote_hostname(newsock);
+ remote_ipaddr = get_peer_ipaddr(newsock);
remote_port = get_peer_port(newsock);
snprintf(buf, sizeof buf, "X11 connection from %.200s port %d",
- remote_hostname, remote_port);
+ remote_ipaddr, remote_port);
newch = channel_new("x11",
SSH_CHANNEL_OPENING, newsock, newsock, -1,
@@ -572,8 +572,8 @@
packet_put_int(newch);
packet_put_int(c->local_window_max);
packet_put_int(c->local_maxpacket);
- /* originator host and port */
- packet_put_cstring(remote_hostname);
+ /* originator ipaddr and port */
+ packet_put_cstring(remote_ipaddr);
if (datafellows & SSH_BUG_X11FWD) {
debug("ssh2 x11 bug compat mode");
} else {
@@ -587,7 +587,7 @@
packet_put_string(buf, strlen(buf));
packet_send();
}
- xfree(remote_hostname);
+ xfree(remote_ipaddr);
}
}
diff --git a/clientloop.c b/clientloop.c
index 49a943a..721c279 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -59,7 +59,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.46 2001/01/29 16:55:36 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.47 2001/01/29 19:42:35 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
@@ -1069,6 +1069,8 @@
}
packet_done();
/* XXX check permission */
+ debug("client_request_x11: request from %s %d", originator,
+ originator_port);
sock = x11_connect_display();
if (sock >= 0) {
newch = channel_new("x11",