===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/canohost.c,v
retrieving revision 1.44.2.2
retrieving revision 1.45
diff -u -r1.44.2.2 -r1.45
--- src/usr.bin/ssh/canohost.c	2006/10/06 03:19:32	1.44.2.2
+++ src/usr.bin/ssh/canohost.c	2005/10/03 07:44:42	1.45
@@ -1,4 +1,3 @@
-/* $OpenBSD: canohost.c,v 1.44.2.2 2006/10/06 03:19:32 brad Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -12,21 +11,11 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-#include <sys/types.h>
-#include <sys/socket.h>
+#include "includes.h"
+RCSID("$OpenBSD: canohost.c,v 1.45 2005/10/03 07:44:42 dtucker Exp $");
 
-#include <netinet/in.h>
-
-#include <ctype.h>
-#include <errno.h>
-#include <netdb.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdarg.h>
-
-#include "xmalloc.h"
 #include "packet.h"
+#include "xmalloc.h"
 #include "log.h"
 #include "canohost.h"
 
@@ -93,7 +82,7 @@
 	 */
 	for (i = 0; name[i]; i++)
 		if (isupper(name[i]))
-			name[i] = (char)tolower(name[i]);
+			name[i] = tolower(name[i]);
 	/*
 	 * Map it back to an IP address and check that the given
 	 * address actually is an address of this host.  This is
@@ -108,7 +97,7 @@
 	hints.ai_socktype = SOCK_STREAM;
 	if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
 		logit("reverse mapping checking getaddrinfo for %.700s "
-		    "[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop);
+		    "failed - POSSIBLE BREAKIN ATTEMPT!", name);
 		return xstrdup(ntop);
 	}
 	/* Look for the address from the list of addresses. */
@@ -123,7 +112,7 @@
 	if (!ai) {
 		/* Address not found for the host name. */
 		logit("Address %.100s maps to %.600s, but this does not "
-		    "map back to the address - POSSIBLE BREAK-IN ATTEMPT!",
+		    "map back to the address - POSSIBLE BREAKIN ATTEMPT!",
 		    ntop, name);
 		return xstrdup(ntop);
 	}
@@ -163,8 +152,10 @@
 		for (i = 0; i < option_size; i++)
 			snprintf(text + i*3, sizeof(text) - i*3,
 			    " %2.2x", options[i]);
-		fatal("Connection from %.100s with IP options:%.800s",
+		logit("Connection from %.100s with IP options:%.800s",
 		    ipaddr, text);
+		packet_disconnect("Connection from %.100s with IP options:%.800s",
+		    ipaddr, text);
 	}
 }
 
@@ -177,27 +168,26 @@
 const char *
 get_canonical_hostname(int use_dns)
 {
-	char *host;
 	static char *canonical_host_name = NULL;
-	static char *remote_ip = NULL;
+	static int use_dns_done = 0;
 
 	/* Check if we have previously retrieved name with same option. */
-	if (use_dns && canonical_host_name != NULL)
-		return canonical_host_name;
-	if (!use_dns && remote_ip != NULL)
-		return remote_ip;
+	if (canonical_host_name != NULL) {
+		if (use_dns_done != use_dns)
+			xfree(canonical_host_name);
+		else
+			return canonical_host_name;
+	}
 
 	/* Get the real hostname if socket; otherwise return UNKNOWN. */
 	if (packet_connection_is_on_socket())
-		host = get_remote_hostname(packet_get_connection_in(), use_dns);
+		canonical_host_name = get_remote_hostname(
+		    packet_get_connection_in(), use_dns);
 	else
-		host = "UNKNOWN";
+		canonical_host_name = xstrdup("UNKNOWN");
 
-	if (use_dns)
-		canonical_host_name = host;
-	else
-		remote_ip = host;
-	return host;
+	use_dns_done = use_dns;
+	return canonical_host_name;
 }
 
 /*