| version 1.35.2.2, 2004/03/04 18:18:15 |
version 1.36, 2003/04/08 20:21:28 |
|
|
| */ |
*/ |
| |
|
| static char * |
static char * |
| get_remote_hostname(int socket, int use_dns) |
get_remote_hostname(int socket, int verify_reverse_mapping) |
| { |
{ |
| struct sockaddr_storage from; |
struct sockaddr_storage from; |
| int i; |
int i; |
|
|
| memset(&from, 0, sizeof(from)); |
memset(&from, 0, sizeof(from)); |
| if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) { |
if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) { |
| debug("getpeername failed: %.100s", strerror(errno)); |
debug("getpeername failed: %.100s", strerror(errno)); |
| cleanup_exit(255); |
fatal_cleanup(); |
| } |
} |
| |
|
| if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), |
if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), |
| NULL, 0, NI_NUMERICHOST) != 0) |
NULL, 0, NI_NUMERICHOST) != 0) |
| fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); |
fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); |
| |
|
| if (!use_dns) |
|
| return xstrdup(ntop); |
|
| |
|
| if (from.ss_family == AF_INET) |
if (from.ss_family == AF_INET) |
| check_ip_options(socket, ntop); |
check_ip_options(socket, ntop); |
| |
|
|
|
| if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), |
if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), |
| NULL, 0, NI_NAMEREQD) != 0) { |
NULL, 0, NI_NAMEREQD) != 0) { |
| /* Host name not found. Use ip address. */ |
/* Host name not found. Use ip address. */ |
| |
#if 0 |
| |
logit("Could not reverse map address %.100s.", ntop); |
| |
#endif |
| return xstrdup(ntop); |
return xstrdup(ntop); |
| } |
} |
| |
|
| |
/* Got host name. */ |
| |
name[sizeof(name) - 1] = '\0'; |
| /* |
/* |
| * if reverse lookup result looks like a numeric hostname, |
|
| * someone is trying to trick us by PTR record like following: |
|
| * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5 |
|
| */ |
|
| memset(&hints, 0, sizeof(hints)); |
|
| hints.ai_socktype = SOCK_DGRAM; /*dummy*/ |
|
| hints.ai_flags = AI_NUMERICHOST; |
|
| if (getaddrinfo(name, "0", &hints, &ai) == 0) { |
|
| logit("Nasty PTR record \"%s\" is set up for %s, ignoring", |
|
| name, ntop); |
|
| freeaddrinfo(ai); |
|
| return xstrdup(ntop); |
|
| } |
|
| |
|
| /* |
|
| * Convert it to all lowercase (which is expected by the rest |
* Convert it to all lowercase (which is expected by the rest |
| * of this software). |
* of this software). |
| */ |
*/ |
| for (i = 0; name[i]; i++) |
for (i = 0; name[i]; i++) |
| if (isupper(name[i])) |
if (isupper(name[i])) |
| name[i] = tolower(name[i]); |
name[i] = tolower(name[i]); |
| |
|
| |
if (!verify_reverse_mapping) |
| |
return xstrdup(name); |
| /* |
/* |
| * Map it back to an IP address and check that the given |
* Map it back to an IP address and check that the given |
| * address actually is an address of this host. This is |
* address actually is an address of this host. This is |
|
|
| */ |
*/ |
| |
|
| const char * |
const char * |
| get_canonical_hostname(int use_dns) |
get_canonical_hostname(int verify_reverse_mapping) |
| { |
{ |
| static char *canonical_host_name = NULL; |
static char *canonical_host_name = NULL; |
| static int use_dns_done = 0; |
static int verify_reverse_mapping_done = 0; |
| |
|
| /* Check if we have previously retrieved name with same option. */ |
/* Check if we have previously retrieved name with same option. */ |
| if (canonical_host_name != NULL) { |
if (canonical_host_name != NULL) { |
| if (use_dns_done != use_dns) |
if (verify_reverse_mapping_done != verify_reverse_mapping) |
| xfree(canonical_host_name); |
xfree(canonical_host_name); |
| else |
else |
| return canonical_host_name; |
return canonical_host_name; |
|
|
| /* Get the real hostname if socket; otherwise return UNKNOWN. */ |
/* Get the real hostname if socket; otherwise return UNKNOWN. */ |
| if (packet_connection_is_on_socket()) |
if (packet_connection_is_on_socket()) |
| canonical_host_name = get_remote_hostname( |
canonical_host_name = get_remote_hostname( |
| packet_get_connection_in(), use_dns); |
packet_get_connection_in(), verify_reverse_mapping); |
| else |
else |
| canonical_host_name = xstrdup("UNKNOWN"); |
canonical_host_name = xstrdup("UNKNOWN"); |
| |
|
| use_dns_done = use_dns; |
verify_reverse_mapping_done = verify_reverse_mapping; |
| return canonical_host_name; |
return canonical_host_name; |
| } |
} |
| |
|
|
|
| canonical_host_ip = |
canonical_host_ip = |
| get_peer_ipaddr(packet_get_connection_in()); |
get_peer_ipaddr(packet_get_connection_in()); |
| if (canonical_host_ip == NULL) |
if (canonical_host_ip == NULL) |
| cleanup_exit(255); |
fatal_cleanup(); |
| } else { |
} else { |
| /* If not on socket, return UNKNOWN. */ |
/* If not on socket, return UNKNOWN. */ |
| canonical_host_ip = xstrdup("UNKNOWN"); |
canonical_host_ip = xstrdup("UNKNOWN"); |
|
|
| } |
} |
| |
|
| const char * |
const char * |
| get_remote_name_or_ip(u_int utmp_len, int use_dns) |
get_remote_name_or_ip(u_int utmp_len, int verify_reverse_mapping) |
| { |
{ |
| static const char *remote = ""; |
static const char *remote = ""; |
| if (utmp_len > 0) |
if (utmp_len > 0) |
| remote = get_canonical_hostname(use_dns); |
remote = get_canonical_hostname(verify_reverse_mapping); |
| if (utmp_len == 0 || strlen(remote) > utmp_len) |
if (utmp_len == 0 || strlen(remote) > utmp_len) |
| remote = get_remote_ipaddr(); |
remote = get_remote_ipaddr(); |
| return remote; |
return remote; |
|
|
| } else { |
} else { |
| if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) { |
if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) { |
| debug("getpeername failed: %.100s", strerror(errno)); |
debug("getpeername failed: %.100s", strerror(errno)); |
| cleanup_exit(255); |
fatal_cleanup(); |
| } |
} |
| } |
} |
| /* Return port number. */ |
/* Return port number. */ |
![[BACK]](/icons/back.gif){kind=icon}
Return to canohost.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh