Blame - canohost.c - platform/external/openssh

blob: 533f2c24af3f450bdb0db578cb06ebf358fdefd6 [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				4	* All rights reserved
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	5	* Functions for returning the canonical host name of the remote site.
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	6	*
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	7	* As far as I am concerned, the code I have written for this software
				8	* can be used freely for any purpose. Any derived versions of this
				9	* software must be clearly marked as such, and if the derived work is
				10	* incompatible with the protocol description in the RFC file, it must be
				11	* called by a name other than "ssh" or "Secure Shell".
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	12	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	13
				14	#include "includes.h"
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	15	RCSID("$OpenBSD: canohost.c,v 1.37 2003/06/02 09:17:34 markus Exp $");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	16
				17	#include "packet.h"
				18	#include "xmalloc.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	19	#include "log.h"
Ben Lindstrom	31ca54a	2001-02-09 02:11:24 +0000	[diff] [blame]	20	#include "canohost.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	21
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	22	static void check_ip_options(int, char *);
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	23
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	24	/*
				25	* Return the canonical name of the host at the other end of the socket. The
				26	* caller should free the returned string with xfree.
				27	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	28
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	29	static char *
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	30	get_remote_hostname(int socket, int use_dns)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	31	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	32	struct sockaddr_storage from;
				33	int i;
				34	socklen_t fromlen;
				35	struct addrinfo hints, ai, aitop;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	36	char name[NI_MAXHOST], ntop[NI_MAXHOST], ntop2[NI_MAXHOST];
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	37
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	38	/* Get IP address of client. */
				39	fromlen = sizeof(from);
				40	memset(&from, 0, sizeof(from));
Ben Lindstrom	acaac97	2002-12-23 02:13:37 +0000	[diff] [blame]	41	if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	42	debug("getpeername failed: %.100s", strerror(errno));
				43	fatal_cleanup();
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	44	}
Damien Miller	7bcb089	2000-03-11 20:45:40 +1100	[diff] [blame]	45	#ifdef IPV4_IN_IPV6
				46	if (from.ss_family == AF_INET6) {
				47	struct sockaddr_in6 from6 = (struct sockaddr_in6 )&from;
				48
				49	/* Detect IPv4 in IPv6 mapped address and convert it to */
				50	/* plain (AF_INET) IPv4 address */
				51	if (IN6_IS_ADDR_V4MAPPED(&from6->sin6_addr)) {
				52	struct sockaddr_in from4 = (struct sockaddr_in )&from;
				53	struct in_addr addr;
				54	u_int16_t port;
				55
				56	memcpy(&addr, ((char *)&from6->sin6_addr) + 12, sizeof(addr));
				57	port = from6->sin6_port;
				58
				59	memset(&from, 0, sizeof(from));
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	60
Damien Miller	7bcb089	2000-03-11 20:45:40 +1100	[diff] [blame]	61	from4->sin_family = AF_INET;
Damien Miller	5e4471e	2003-01-07 10:51:23 +1100	[diff] [blame]	62	fromlen = sizeof(*from4);
Damien Miller	7bcb089	2000-03-11 20:45:40 +1100	[diff] [blame]	63	memcpy(&from4->sin_addr, &addr, sizeof(addr));
				64	from4->sin_port = port;
				65	}
				66	}
				67	#endif
Damien Miller	5e4471e	2003-01-07 10:51:23 +1100	[diff] [blame]	68	if (from.ss_family == AF_INET6)
				69	fromlen = sizeof(struct sockaddr_in6);
Damien Miller	7bcb089	2000-03-11 20:45:40 +1100	[diff] [blame]	70
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	71	if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop),
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	72	NULL, 0, NI_NUMERICHOST) != 0)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	73	fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	74
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	75	if (!use_dns)
				76	return xstrdup(ntop);
				77
Ben Lindstrom	9a17c9a	2002-06-11 16:47:22 +0000	[diff] [blame]	78	if (from.ss_family == AF_INET)
				79	check_ip_options(socket, ntop);
				80
Ben Lindstrom	121c785	2001-04-18 15:32:44 +0000	[diff] [blame]	81	debug3("Trying to reverse map address %.100s.", ntop);
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	82	/* Map the IP address to a host name. */
				83	if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	84	NULL, 0, NI_NAMEREQD) != 0) {
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	85	/* Host name not found. Use ip address. */
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	86	return xstrdup(ntop);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	87	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	88
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	89	/*
				90	* if reverse lookup result looks like a numeric hostname,
				91	* someone is trying to trick us by PTR record like following:
				92	* 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
				93	*/
				94	memset(&hints, 0, sizeof(hints));
				95	hints.ai_socktype = SOCK_DGRAM; /dummy/
Darren Tucker	0f68486	2003-06-05 09:52:42 +1000	[diff] [blame]	96	hints.ai_flags = AI_NUMERICHOST;
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	97	if (getaddrinfo(name, "0", &hints, &ai) == 0) {
				98	logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
				99	name, ntop);
				100	freeaddrinfo(ai);
				101	return xstrdup(ntop);
				102	}
				103
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	104	/*
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	105	* Convert it to all lowercase (which is expected by the rest
				106	* of this software).
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	107	*/
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	108	for (i = 0; name[i]; i++)
				109	if (isupper(name[i]))
				110	name[i] = tolower(name[i]);
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	111	/*
				112	* Map it back to an IP address and check that the given
				113	* address actually is an address of this host. This is
				114	* necessary because anyone with access to a name server can
				115	* define arbitrary names for an IP address. Mapping from
				116	* name to IP address can be trusted better (but can still be
				117	* fooled if the intruder has access to the name server of
				118	* the domain).
				119	*/
				120	memset(&hints, 0, sizeof(hints));
				121	hints.ai_family = from.ss_family;
				122	hints.ai_socktype = SOCK_STREAM;
				123	if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
Damien Miller	996acd2	2003-04-09 20:59:48 +1000	[diff] [blame]	124	logit("reverse mapping checking getaddrinfo for %.700s "
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	125	"failed - POSSIBLE BREAKIN ATTEMPT!", name);
				126	return xstrdup(ntop);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	127	}
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	128	/* Look for the address from the list of addresses. */
				129	for (ai = aitop; ai; ai = ai->ai_next) {
				130	if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
				131	sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
				132	(strcmp(ntop, ntop2) == 0))
				133	break;
				134	}
				135	freeaddrinfo(aitop);
				136	/* If we reached the end of the list, the address was not there. */
				137	if (!ai) {
				138	/* Address not found for the host name. */
Damien Miller	996acd2	2003-04-09 20:59:48 +1000	[diff] [blame]	139	logit("Address %.100s maps to %.600s, but this does not "
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	140	"map back to the address - POSSIBLE BREAKIN ATTEMPT!",
				141	ntop, name);
				142	return xstrdup(ntop);
				143	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	144	return xstrdup(name);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	145	}
				146
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	147	/*
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	148	* If IP options are supported, make sure there are none (log and
				149	* disconnect them if any are found). Basically we are worried about
				150	* source routing; it can be used to pretend you are somebody
				151	* (ip-address) you are not. That itself may be "almost acceptable"
				152	* under certain circumstances, but rhosts autentication is useless
				153	* if source routing is accepted. Notice also that if we just dropped
				154	* source routing here, the other side could use IP spoofing to do
				155	* rest of the interaction and could still bypass security. So we
				156	* exit here if we detect any IP options.
				157	*/
				158	/* IPv4 only */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	159	static void
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	160	check_ip_options(int socket, char *ipaddr)
				161	{
Ben Lindstrom	075390a	2001-02-10 21:34:46 +0000	[diff] [blame]	162	u_char options[200];
				163	char text[sizeof(options) * 3 + 1];
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	164	socklen_t option_size;
Ben Lindstrom	075390a	2001-02-10 21:34:46 +0000	[diff] [blame]	165	int i, ipproto;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	166	struct protoent *ip;
				167
				168	if ((ip = getprotobyname("ip")) != NULL)
				169	ipproto = ip->p_proto;
				170	else
				171	ipproto = IPPROTO_IP;
				172	option_size = sizeof(options);
Ben Lindstrom	733a235	2002-03-05 01:31:28 +0000	[diff] [blame]	173	if (getsockopt(socket, ipproto, IP_OPTIONS, options,
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	174	&option_size) >= 0 && option_size != 0) {
Ben Lindstrom	075390a	2001-02-10 21:34:46 +0000	[diff] [blame]	175	text[0] = '\0';
				176	for (i = 0; i < option_size; i++)
				177	snprintf(text + i3, sizeof(text) - i3,
				178	" %2.2x", options[i]);
Damien Miller	996acd2	2003-04-09 20:59:48 +1000	[diff] [blame]	179	logit("Connection from %.100s with IP options:%.800s",
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	180	ipaddr, text);
				181	packet_disconnect("Connection from %.100s with IP options:%.800s",
				182	ipaddr, text);
				183	}
				184	}
				185
				186	/*
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	187	* Return the canonical name of the host in the other side of the current
				188	* connection. The host name is cached, so it is efficient to call this
				189	* several times.
				190	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	191
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	192	const char *
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	193	get_canonical_hostname(int use_dns)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	194	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	195	static char *canonical_host_name = NULL;
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	196	static int use_dns_done = 0;
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	197
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	198	/* Check if we have previously retrieved name with same option. */
				199	if (canonical_host_name != NULL) {
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	200	if (use_dns_done != use_dns)
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	201	xfree(canonical_host_name);
				202	else
				203	return canonical_host_name;
				204	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	205
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	206	/* Get the real hostname if socket; otherwise return UNKNOWN. */
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	207	if (packet_connection_is_on_socket())
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	208	canonical_host_name = get_remote_hostname(
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	209	packet_get_connection_in(), use_dns);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	210	else
				211	canonical_host_name = xstrdup("UNKNOWN");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	212
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	213	use_dns_done = use_dns;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	214	return canonical_host_name;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	215	}
				216
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	217	/*
Ben Lindstrom	acaac97	2002-12-23 02:13:37 +0000	[diff] [blame]	218	* Returns the local/remote IP-address/hostname of socket as a string.
				219	* The returned string must be freed.
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	220	*/
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	221	static char *
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	222	get_socket_address(int socket, int remote, int flags)
				223	{
				224	struct sockaddr_storage addr;
				225	socklen_t addrlen;
				226	char ntop[NI_MAXHOST];
				227
				228	/* Get IP address of client. */
				229	addrlen = sizeof(addr);
				230	memset(&addr, 0, sizeof(addr));
				231
				232	if (remote) {
				233	if (getpeername(socket, (struct sockaddr *)&addr, &addrlen)
Damien Miller	b2f844d	2002-09-25 12:19:08 +1000	[diff] [blame]	234	< 0)
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	235	return NULL;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	236	} else {
				237	if (getsockname(socket, (struct sockaddr *)&addr, &addrlen)
Damien Miller	b2f844d	2002-09-25 12:19:08 +1000	[diff] [blame]	238	< 0)
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	239	return NULL;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	240	}
Damien Miller	5e4471e	2003-01-07 10:51:23 +1100	[diff] [blame]	241
				242	/* Work around Linux IPv6 weirdness */
				243	if (addr.ss_family == AF_INET6)
				244	addrlen = sizeof(struct sockaddr_in6);
				245
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	246	/* Get the address in ascii. */
				247	if (getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop),
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	248	NULL, 0, flags) != 0) {
Ben Lindstrom	acaac97	2002-12-23 02:13:37 +0000	[diff] [blame]	249	error("get_socket_address: getnameinfo %d failed", flags);
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	250	return NULL;
				251	}
				252	return xstrdup(ntop);
				253	}
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	254
				255	char *
				256	get_peer_ipaddr(int socket)
				257	{
Damien Miller	b2f844d	2002-09-25 12:19:08 +1000	[diff] [blame]	258	char *p;
				259
				260	if ((p = get_socket_address(socket, 1, NI_NUMERICHOST)) != NULL)
				261	return p;
				262	return xstrdup("UNKNOWN");
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	263	}
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	264
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	265	char *
				266	get_local_ipaddr(int socket)
				267	{
Damien Miller	b2f844d	2002-09-25 12:19:08 +1000	[diff] [blame]	268	char *p;
				269
				270	if ((p = get_socket_address(socket, 0, NI_NUMERICHOST)) != NULL)
				271	return p;
				272	return xstrdup("UNKNOWN");
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	273	}
				274
				275	char *
				276	get_local_name(int socket)
				277	{
				278	return get_socket_address(socket, 0, NI_NAMEREQD);
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	279	}
				280
				281	/*
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	282	* Returns the IP-address of the remote host as a string. The returned
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	283	* string must not be freed.
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	284	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	285
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	286	const char *
Ben Lindstrom	3c36bb2	2001-12-06 17:55:26 +0000	[diff] [blame]	287	get_remote_ipaddr(void)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	288	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	289	static char *canonical_host_ip = NULL;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	290
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	291	/* Check whether we have cached the ipaddr. */
				292	if (canonical_host_ip == NULL) {
				293	if (packet_connection_is_on_socket()) {
				294	canonical_host_ip =
				295	get_peer_ipaddr(packet_get_connection_in());
				296	if (canonical_host_ip == NULL)
				297	fatal_cleanup();
				298	} else {
				299	/* If not on socket, return UNKNOWN. */
				300	canonical_host_ip = xstrdup("UNKNOWN");
				301	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	302	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	303	return canonical_host_ip;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	304	}
				305
Ben Lindstrom	f15a386	2001-04-05 23:32:17 +0000	[diff] [blame]	306	const char *
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	307	get_remote_name_or_ip(u_int utmp_len, int use_dns)
Ben Lindstrom	f15a386	2001-04-05 23:32:17 +0000	[diff] [blame]	308	{
				309	static const char *remote = "";
				310	if (utmp_len > 0)
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	311	remote = get_canonical_hostname(use_dns);
Ben Lindstrom	f15a386	2001-04-05 23:32:17 +0000	[diff] [blame]	312	if (utmp_len == 0 \|\| strlen(remote) > utmp_len)
				313	remote = get_remote_ipaddr();
				314	return remote;
				315	}
				316
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	317	/* Returns the local/remote port for the socket. */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	318
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	319	static int
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	320	get_sock_port(int sock, int local)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	321	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	322	struct sockaddr_storage from;
				323	socklen_t fromlen;
				324	char strport[NI_MAXSERV];
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	325
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	326	/* Get IP address of client. */
				327	fromlen = sizeof(from);
				328	memset(&from, 0, sizeof(from));
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	329	if (local) {
				330	if (getsockname(sock, (struct sockaddr *)&from, &fromlen) < 0) {
				331	error("getsockname failed: %.100s", strerror(errno));
				332	return 0;
				333	}
				334	} else {
Ben Lindstrom	acaac97	2002-12-23 02:13:37 +0000	[diff] [blame]	335	if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) {
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	336	debug("getpeername failed: %.100s", strerror(errno));
				337	fatal_cleanup();
				338	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	339	}
Damien Miller	5e4471e	2003-01-07 10:51:23 +1100	[diff] [blame]	340
				341	/* Work around Linux IPv6 weirdness */
				342	if (from.ss_family == AF_INET6)
				343	fromlen = sizeof(struct sockaddr_in6);
				344
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	345	/* Return port number. */
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	346	if (getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0,
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	347	strport, sizeof(strport), NI_NUMERICSERV) != 0)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	348	fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed");
				349	return atoi(strport);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	350	}
				351
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	352	/* Returns remote/local port number for the current connection. */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	353
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	354	static int
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	355	get_port(int local)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	356	{
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	357	/*
				358	* If the connection is not a socket, return 65535. This is
				359	* intentionally chosen to be an unprivileged port number.
				360	*/
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	361	if (!packet_connection_is_on_socket())
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	362	return 65535;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	363
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	364	/* Get socket and return the port number. */
				365	return get_sock_port(packet_get_connection_in(), local);
				366	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	367
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	368	int
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	369	get_peer_port(int sock)
				370	{
				371	return get_sock_port(sock, 0);
				372	}
				373
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	374	int
Ben Lindstrom	3c36bb2	2001-12-06 17:55:26 +0000	[diff] [blame]	375	get_remote_port(void)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	376	{
				377	return get_port(0);
				378	}
				379
				380	int
Ben Lindstrom	3c36bb2	2001-12-06 17:55:26 +0000	[diff] [blame]	381	get_local_port(void)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	382	{
				383	return get_port(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	384	}