Blame - canohost.c - platform/external/openssh

blob: 9aa942a9f4c51cd6b257184defddbf6d09202fc6 [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				4	* All rights reserved
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	5	* Functions for returning the canonical host name of the remote site.
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	6	*
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	7	* As far as I am concerned, the code I have written for this software
				8	* can be used freely for any purpose. Any derived versions of this
				9	* software must be clearly marked as such, and if the derived work is
				10	* incompatible with the protocol description in the RFC file, it must be
				11	* called by a name other than "ssh" or "Secure Shell".
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	12	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	13
				14	#include "includes.h"
Ben Lindstrom	acaac97	2002-12-23 02:13:37 +0000	[diff] [blame^]	15	RCSID("$OpenBSD: canohost.c,v 1.35 2002/11/26 02:38:54 stevesk Exp $");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	16
				17	#include "packet.h"
				18	#include "xmalloc.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	19	#include "log.h"
Ben Lindstrom	31ca54a	2001-02-09 02:11:24 +0000	[diff] [blame]	20	#include "canohost.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	21
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	22	static void check_ip_options(int, char *);
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	23
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	24	/*
				25	* Return the canonical name of the host at the other end of the socket. The
				26	* caller should free the returned string with xfree.
				27	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	28
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	29	static char *
Damien Miller	c5d8635	2002-02-05 12:13:41 +1100	[diff] [blame]	30	get_remote_hostname(int socket, int verify_reverse_mapping)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	31	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	32	struct sockaddr_storage from;
				33	int i;
				34	socklen_t fromlen;
				35	struct addrinfo hints, ai, aitop;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	36	char name[NI_MAXHOST], ntop[NI_MAXHOST], ntop2[NI_MAXHOST];
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	37
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	38	/* Get IP address of client. */
				39	fromlen = sizeof(from);
				40	memset(&from, 0, sizeof(from));
Ben Lindstrom	acaac97	2002-12-23 02:13:37 +0000	[diff] [blame^]	41	if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	42	debug("getpeername failed: %.100s", strerror(errno));
				43	fatal_cleanup();
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	44	}
Damien Miller	7bcb089	2000-03-11 20:45:40 +1100	[diff] [blame]	45	#ifdef IPV4_IN_IPV6
				46	if (from.ss_family == AF_INET6) {
				47	struct sockaddr_in6 from6 = (struct sockaddr_in6 )&from;
				48
				49	/* Detect IPv4 in IPv6 mapped address and convert it to */
				50	/* plain (AF_INET) IPv4 address */
				51	if (IN6_IS_ADDR_V4MAPPED(&from6->sin6_addr)) {
				52	struct sockaddr_in from4 = (struct sockaddr_in )&from;
				53	struct in_addr addr;
				54	u_int16_t port;
				55
				56	memcpy(&addr, ((char *)&from6->sin6_addr) + 12, sizeof(addr));
				57	port = from6->sin6_port;
				58
				59	memset(&from, 0, sizeof(from));
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	60
Damien Miller	7bcb089	2000-03-11 20:45:40 +1100	[diff] [blame]	61	from4->sin_family = AF_INET;
				62	memcpy(&from4->sin_addr, &addr, sizeof(addr));
				63	from4->sin_port = port;
				64	}
				65	}
				66	#endif
				67
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	68	if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop),
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	69	NULL, 0, NI_NUMERICHOST) != 0)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	70	fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	71
Ben Lindstrom	9a17c9a	2002-06-11 16:47:22 +0000	[diff] [blame]	72	if (from.ss_family == AF_INET)
				73	check_ip_options(socket, ntop);
				74
Ben Lindstrom	121c785	2001-04-18 15:32:44 +0000	[diff] [blame]	75	debug3("Trying to reverse map address %.100s.", ntop);
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	76	/* Map the IP address to a host name. */
				77	if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	78	NULL, 0, NI_NAMEREQD) != 0) {
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	79	/* Host name not found. Use ip address. */
Ben Lindstrom	e982773	2002-07-11 03:56:46 +0000	[diff] [blame]	80	#if 0
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	81	log("Could not reverse map address %.100s.", ntop);
Ben Lindstrom	e982773	2002-07-11 03:56:46 +0000	[diff] [blame]	82	#endif
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	83	return xstrdup(ntop);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	84	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	85
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	86	/* Got host name. */
				87	name[sizeof(name) - 1] = '\0';
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	88	/*
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	89	* Convert it to all lowercase (which is expected by the rest
				90	* of this software).
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	91	*/
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	92	for (i = 0; name[i]; i++)
				93	if (isupper(name[i]))
				94	name[i] = tolower(name[i]);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	95
Damien Miller	c5d8635	2002-02-05 12:13:41 +1100	[diff] [blame]	96	if (!verify_reverse_mapping)
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	97	return xstrdup(name);
				98	/*
				99	* Map it back to an IP address and check that the given
				100	* address actually is an address of this host. This is
				101	* necessary because anyone with access to a name server can
				102	* define arbitrary names for an IP address. Mapping from
				103	* name to IP address can be trusted better (but can still be
				104	* fooled if the intruder has access to the name server of
				105	* the domain).
				106	*/
				107	memset(&hints, 0, sizeof(hints));
				108	hints.ai_family = from.ss_family;
				109	hints.ai_socktype = SOCK_STREAM;
				110	if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
				111	log("reverse mapping checking getaddrinfo for %.700s "
				112	"failed - POSSIBLE BREAKIN ATTEMPT!", name);
				113	return xstrdup(ntop);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	114	}
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	115	/* Look for the address from the list of addresses. */
				116	for (ai = aitop; ai; ai = ai->ai_next) {
				117	if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
				118	sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
				119	(strcmp(ntop, ntop2) == 0))
				120	break;
				121	}
				122	freeaddrinfo(aitop);
				123	/* If we reached the end of the list, the address was not there. */
				124	if (!ai) {
				125	/* Address not found for the host name. */
				126	log("Address %.100s maps to %.600s, but this does not "
				127	"map back to the address - POSSIBLE BREAKIN ATTEMPT!",
				128	ntop, name);
				129	return xstrdup(ntop);
				130	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	131	return xstrdup(name);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	132	}
				133
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	134	/*
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	135	* If IP options are supported, make sure there are none (log and
				136	* disconnect them if any are found). Basically we are worried about
				137	* source routing; it can be used to pretend you are somebody
				138	* (ip-address) you are not. That itself may be "almost acceptable"
				139	* under certain circumstances, but rhosts autentication is useless
				140	* if source routing is accepted. Notice also that if we just dropped
				141	* source routing here, the other side could use IP spoofing to do
				142	* rest of the interaction and could still bypass security. So we
				143	* exit here if we detect any IP options.
				144	*/
				145	/* IPv4 only */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	146	static void
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	147	check_ip_options(int socket, char *ipaddr)
				148	{
Ben Lindstrom	075390a	2001-02-10 21:34:46 +0000	[diff] [blame]	149	u_char options[200];
				150	char text[sizeof(options) * 3 + 1];
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	151	socklen_t option_size;
Ben Lindstrom	075390a	2001-02-10 21:34:46 +0000	[diff] [blame]	152	int i, ipproto;
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	153	struct protoent *ip;
				154
				155	if ((ip = getprotobyname("ip")) != NULL)
				156	ipproto = ip->p_proto;
				157	else
				158	ipproto = IPPROTO_IP;
				159	option_size = sizeof(options);
Ben Lindstrom	733a235	2002-03-05 01:31:28 +0000	[diff] [blame]	160	if (getsockopt(socket, ipproto, IP_OPTIONS, options,
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	161	&option_size) >= 0 && option_size != 0) {
Ben Lindstrom	075390a	2001-02-10 21:34:46 +0000	[diff] [blame]	162	text[0] = '\0';
				163	for (i = 0; i < option_size; i++)
				164	snprintf(text + i3, sizeof(text) - i3,
				165	" %2.2x", options[i]);
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	166	log("Connection from %.100s with IP options:%.800s",
				167	ipaddr, text);
				168	packet_disconnect("Connection from %.100s with IP options:%.800s",
				169	ipaddr, text);
				170	}
				171	}
				172
				173	/*
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	174	* Return the canonical name of the host in the other side of the current
				175	* connection. The host name is cached, so it is efficient to call this
				176	* several times.
				177	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	178
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	179	const char *
Damien Miller	c5d8635	2002-02-05 12:13:41 +1100	[diff] [blame]	180	get_canonical_hostname(int verify_reverse_mapping)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	181	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	182	static char *canonical_host_name = NULL;
Damien Miller	c5d8635	2002-02-05 12:13:41 +1100	[diff] [blame]	183	static int verify_reverse_mapping_done = 0;
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	184
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	185	/* Check if we have previously retrieved name with same option. */
				186	if (canonical_host_name != NULL) {
Damien Miller	c5d8635	2002-02-05 12:13:41 +1100	[diff] [blame]	187	if (verify_reverse_mapping_done != verify_reverse_mapping)
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	188	xfree(canonical_host_name);
				189	else
				190	return canonical_host_name;
				191	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	192
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	193	/* Get the real hostname if socket; otherwise return UNKNOWN. */
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	194	if (packet_connection_is_on_socket())
Damien Miller	3380426	2001-02-04 23:20:18 +1100	[diff] [blame]	195	canonical_host_name = get_remote_hostname(
Damien Miller	c5d8635	2002-02-05 12:13:41 +1100	[diff] [blame]	196	packet_get_connection_in(), verify_reverse_mapping);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	197	else
				198	canonical_host_name = xstrdup("UNKNOWN");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	199
Damien Miller	c5d8635	2002-02-05 12:13:41 +1100	[diff] [blame]	200	verify_reverse_mapping_done = verify_reverse_mapping;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	201	return canonical_host_name;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	202	}
				203
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	204	/*
Ben Lindstrom	acaac97	2002-12-23 02:13:37 +0000	[diff] [blame^]	205	* Returns the local/remote IP-address/hostname of socket as a string.
				206	* The returned string must be freed.
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	207	*/
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	208	static char *
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	209	get_socket_address(int socket, int remote, int flags)
				210	{
				211	struct sockaddr_storage addr;
				212	socklen_t addrlen;
				213	char ntop[NI_MAXHOST];
				214
				215	/* Get IP address of client. */
				216	addrlen = sizeof(addr);
				217	memset(&addr, 0, sizeof(addr));
				218
				219	if (remote) {
				220	if (getpeername(socket, (struct sockaddr *)&addr, &addrlen)
Damien Miller	b2f844d	2002-09-25 12:19:08 +1000	[diff] [blame]	221	< 0)
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	222	return NULL;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	223	} else {
				224	if (getsockname(socket, (struct sockaddr *)&addr, &addrlen)
Damien Miller	b2f844d	2002-09-25 12:19:08 +1000	[diff] [blame]	225	< 0)
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	226	return NULL;
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	227	}
				228	/* Get the address in ascii. */
				229	if (getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop),
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	230	NULL, 0, flags) != 0) {
Ben Lindstrom	acaac97	2002-12-23 02:13:37 +0000	[diff] [blame^]	231	error("get_socket_address: getnameinfo %d failed", flags);
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	232	return NULL;
				233	}
				234	return xstrdup(ntop);
				235	}
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	236
				237	char *
				238	get_peer_ipaddr(int socket)
				239	{
Damien Miller	b2f844d	2002-09-25 12:19:08 +1000	[diff] [blame]	240	char *p;
				241
				242	if ((p = get_socket_address(socket, 1, NI_NUMERICHOST)) != NULL)
				243	return p;
				244	return xstrdup("UNKNOWN");
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	245	}
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	246
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	247	char *
				248	get_local_ipaddr(int socket)
				249	{
Damien Miller	b2f844d	2002-09-25 12:19:08 +1000	[diff] [blame]	250	char *p;
				251
				252	if ((p = get_socket_address(socket, 0, NI_NUMERICHOST)) != NULL)
				253	return p;
				254	return xstrdup("UNKNOWN");
Ben Lindstrom	5eabda3	2001-04-12 23:34:34 +0000	[diff] [blame]	255	}
				256
				257	char *
				258	get_local_name(int socket)
				259	{
				260	return get_socket_address(socket, 0, NI_NAMEREQD);
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	261	}
				262
				263	/*
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	264	* Returns the IP-address of the remote host as a string. The returned
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	265	* string must not be freed.
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	266	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	267
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	268	const char *
Ben Lindstrom	3c36bb2	2001-12-06 17:55:26 +0000	[diff] [blame]	269	get_remote_ipaddr(void)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	270	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	271	static char *canonical_host_ip = NULL;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	272
Damien Miller	d83ff35	2001-01-30 09:19:34 +1100	[diff] [blame]	273	/* Check whether we have cached the ipaddr. */
				274	if (canonical_host_ip == NULL) {
				275	if (packet_connection_is_on_socket()) {
				276	canonical_host_ip =
				277	get_peer_ipaddr(packet_get_connection_in());
				278	if (canonical_host_ip == NULL)
				279	fatal_cleanup();
				280	} else {
				281	/* If not on socket, return UNKNOWN. */
				282	canonical_host_ip = xstrdup("UNKNOWN");
				283	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	284	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	285	return canonical_host_ip;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	286	}
				287
Ben Lindstrom	f15a386	2001-04-05 23:32:17 +0000	[diff] [blame]	288	const char *
Damien Miller	c5d8635	2002-02-05 12:13:41 +1100	[diff] [blame]	289	get_remote_name_or_ip(u_int utmp_len, int verify_reverse_mapping)
Ben Lindstrom	f15a386	2001-04-05 23:32:17 +0000	[diff] [blame]	290	{
				291	static const char *remote = "";
				292	if (utmp_len > 0)
Damien Miller	c5d8635	2002-02-05 12:13:41 +1100	[diff] [blame]	293	remote = get_canonical_hostname(verify_reverse_mapping);
Ben Lindstrom	f15a386	2001-04-05 23:32:17 +0000	[diff] [blame]	294	if (utmp_len == 0 \|\| strlen(remote) > utmp_len)
				295	remote = get_remote_ipaddr();
				296	return remote;
				297	}
				298
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	299	/* Returns the local/remote port for the socket. */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	300
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	301	static int
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	302	get_sock_port(int sock, int local)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	303	{
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	304	struct sockaddr_storage from;
				305	socklen_t fromlen;
				306	char strport[NI_MAXSERV];
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	307
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	308	/* Get IP address of client. */
				309	fromlen = sizeof(from);
				310	memset(&from, 0, sizeof(from));
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	311	if (local) {
				312	if (getsockname(sock, (struct sockaddr *)&from, &fromlen) < 0) {
				313	error("getsockname failed: %.100s", strerror(errno));
				314	return 0;
				315	}
				316	} else {
Ben Lindstrom	acaac97	2002-12-23 02:13:37 +0000	[diff] [blame^]	317	if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) {
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	318	debug("getpeername failed: %.100s", strerror(errno));
				319	fatal_cleanup();
				320	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	321	}
				322	/* Return port number. */
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	323	if (getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0,
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	324	strport, sizeof(strport), NI_NUMERICSERV) != 0)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	325	fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed");
				326	return atoi(strport);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	327	}
				328
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	329	/* Returns remote/local port number for the current connection. */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	330
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	331	static int
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	332	get_port(int local)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	333	{
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	334	/*
				335	* If the connection is not a socket, return 65535. This is
				336	* intentionally chosen to be an unprivileged port number.
				337	*/
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	338	if (!packet_connection_is_on_socket())
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	339	return 65535;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	340
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	341	/* Get socket and return the port number. */
				342	return get_sock_port(packet_get_connection_in(), local);
				343	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	344
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	345	int
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	346	get_peer_port(int sock)
				347	{
				348	return get_sock_port(sock, 0);
				349	}
				350
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	351	int
Ben Lindstrom	3c36bb2	2001-12-06 17:55:26 +0000	[diff] [blame]	352	get_remote_port(void)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	353	{
				354	return get_port(0);
				355	}
				356
				357	int
Ben Lindstrom	3c36bb2	2001-12-06 17:55:26 +0000	[diff] [blame]	358	get_local_port(void)
Damien Miller	34132e5	2000-01-14 15:45:46 +1100	[diff] [blame]	359	{
				360	return get_port(1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	361	}