Annotation of src/usr.bin/ssh/canohost.c, Revision 1.50
1.1 deraadt 1: /*
1.7 deraadt 2: * Author: Tatu Ylonen <ylo@cs.hut.fi>
3: * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4: * All rights reserved
5: * Functions for returning the canonical host name of the remote site.
1.12 markus 6: *
1.14 deraadt 7: * As far as I am concerned, the code I have written for this software
8: * can be used freely for any purpose. Any derived versions of this
9: * software must be clearly marked as such, and if the derived work is
10: * incompatible with the protocol description in the RFC file, it must be
11: * called by a name other than "ssh" or "Secure Shell".
1.7 deraadt 12: */
1.1 deraadt 13:
14: #include "includes.h"
1.50 ! djm 15: RCSID("$OpenBSD: canohost.c,v 1.49 2006/02/22 00:04:44 stevesk Exp $");
1.49 stevesk 16:
17: #include <ctype.h>
1.1 deraadt 18:
19: #include "packet.h"
20: #include "xmalloc.h"
1.18 markus 21: #include "log.h"
1.21 itojun 22: #include "canohost.h"
1.1 deraadt 23:
1.27 itojun 24: static void check_ip_options(int, char *);
1.20 markus 25:
1.8 markus 26: /*
27: * Return the canonical name of the host at the other end of the socket. The
28: * caller should free the returned string with xfree.
29: */
1.1 deraadt 30:
1.27 itojun 31: static char *
1.40 avsm 32: get_remote_hostname(int sock, int use_dns)
1.1 deraadt 33: {
1.10 markus 34: struct sockaddr_storage from;
35: int i;
36: socklen_t fromlen;
37: struct addrinfo hints, *ai, *aitop;
1.20 markus 38: char name[NI_MAXHOST], ntop[NI_MAXHOST], ntop2[NI_MAXHOST];
1.6 markus 39:
40: /* Get IP address of client. */
41: fromlen = sizeof(from);
42: memset(&from, 0, sizeof(from));
1.40 avsm 43: if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) {
1.6 markus 44: debug("getpeername failed: %.100s", strerror(errno));
1.38 markus 45: cleanup_exit(255);
1.6 markus 46: }
1.20 markus 47:
1.10 markus 48: if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop),
1.29 deraadt 49: NULL, 0, NI_NUMERICHOST) != 0)
1.10 markus 50: fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
1.45 dtucker 51:
52: if (from.ss_family == AF_INET)
53: check_ip_options(sock, ntop);
1.32 itojun 54:
1.37 markus 55: if (!use_dns)
56: return xstrdup(ntop);
1.10 markus 57:
1.26 markus 58: debug3("Trying to reverse map address %.100s.", ntop);
1.6 markus 59: /* Map the IP address to a host name. */
1.10 markus 60: if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
1.29 deraadt 61: NULL, 0, NI_NAMEREQD) != 0) {
1.20 markus 62: /* Host name not found. Use ip address. */
63: return xstrdup(ntop);
1.6 markus 64: }
65:
1.37 markus 66: /*
67: * if reverse lookup result looks like a numeric hostname,
68: * someone is trying to trick us by PTR record like following:
69: * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
70: */
71: memset(&hints, 0, sizeof(hints));
72: hints.ai_socktype = SOCK_DGRAM; /*dummy*/
73: hints.ai_flags = AI_NUMERICHOST;
74: if (getaddrinfo(name, "0", &hints, &ai) == 0) {
75: logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
76: name, ntop);
77: freeaddrinfo(ai);
78: return xstrdup(ntop);
79: }
80:
1.20 markus 81: /*
82: * Convert it to all lowercase (which is expected by the rest
83: * of this software).
84: */
85: for (i = 0; name[i]; i++)
86: if (isupper(name[i]))
87: name[i] = tolower(name[i]);
1.8 markus 88: /*
1.20 markus 89: * Map it back to an IP address and check that the given
90: * address actually is an address of this host. This is
91: * necessary because anyone with access to a name server can
92: * define arbitrary names for an IP address. Mapping from
93: * name to IP address can be trusted better (but can still be
94: * fooled if the intruder has access to the name server of
95: * the domain).
1.8 markus 96: */
1.20 markus 97: memset(&hints, 0, sizeof(hints));
98: hints.ai_family = from.ss_family;
99: hints.ai_socktype = SOCK_STREAM;
100: if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
1.36 itojun 101: logit("reverse mapping checking getaddrinfo for %.700s "
1.50 ! djm 102: "[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop);
1.20 markus 103: return xstrdup(ntop);
104: }
105: /* Look for the address from the list of addresses. */
106: for (ai = aitop; ai; ai = ai->ai_next) {
107: if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
108: sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
109: (strcmp(ntop, ntop2) == 0))
110: break;
111: }
112: freeaddrinfo(aitop);
113: /* If we reached the end of the list, the address was not there. */
114: if (!ai) {
115: /* Address not found for the host name. */
1.36 itojun 116: logit("Address %.100s maps to %.600s, but this does not "
1.48 stevesk 117: "map back to the address - POSSIBLE BREAK-IN ATTEMPT!",
1.20 markus 118: ntop, name);
119: return xstrdup(ntop);
120: }
121: return xstrdup(name);
122: }
1.6 markus 123:
1.20 markus 124: /*
125: * If IP options are supported, make sure there are none (log and
126: * disconnect them if any are found). Basically we are worried about
127: * source routing; it can be used to pretend you are somebody
128: * (ip-address) you are not. That itself may be "almost acceptable"
129: * under certain circumstances, but rhosts autentication is useless
130: * if source routing is accepted. Notice also that if we just dropped
131: * source routing here, the other side could use IP spoofing to do
132: * rest of the interaction and could still bypass security. So we
133: * exit here if we detect any IP options.
134: */
135: /* IPv4 only */
1.27 itojun 136: static void
1.40 avsm 137: check_ip_options(int sock, char *ipaddr)
1.20 markus 138: {
1.22 markus 139: u_char options[200];
140: char text[sizeof(options) * 3 + 1];
1.20 markus 141: socklen_t option_size;
1.44 djm 142: u_int i;
143: int ipproto;
1.20 markus 144: struct protoent *ip;
145:
146: if ((ip = getprotobyname("ip")) != NULL)
147: ipproto = ip->p_proto;
148: else
149: ipproto = IPPROTO_IP;
150: option_size = sizeof(options);
1.40 avsm 151: if (getsockopt(sock, ipproto, IP_OPTIONS, options,
1.20 markus 152: &option_size) >= 0 && option_size != 0) {
1.22 markus 153: text[0] = '\0';
154: for (i = 0; i < option_size; i++)
155: snprintf(text + i*3, sizeof(text) - i*3,
156: " %2.2x", options[i]);
1.46 dtucker 157: fatal("Connection from %.100s with IP options:%.800s",
1.20 markus 158: ipaddr, text);
1.6 markus 159: }
1.1 deraadt 160: }
161:
1.8 markus 162: /*
163: * Return the canonical name of the host in the other side of the current
164: * connection. The host name is cached, so it is efficient to call this
165: * several times.
166: */
1.1 deraadt 167:
1.6 markus 168: const char *
1.37 markus 169: get_canonical_hostname(int use_dns)
1.1 deraadt 170: {
1.47 dtucker 171: char *host;
1.10 markus 172: static char *canonical_host_name = NULL;
1.47 dtucker 173: static char *remote_ip = NULL;
1.10 markus 174:
1.20 markus 175: /* Check if we have previously retrieved name with same option. */
1.47 dtucker 176: if (use_dns && canonical_host_name != NULL)
177: return canonical_host_name;
178: if (!use_dns && remote_ip != NULL)
179: return remote_ip;
1.6 markus 180:
181: /* Get the real hostname if socket; otherwise return UNKNOWN. */
1.10 markus 182: if (packet_connection_is_on_socket())
1.47 dtucker 183: host = get_remote_hostname(packet_get_connection_in(), use_dns);
1.6 markus 184: else
1.47 dtucker 185: host = "UNKNOWN";
1.1 deraadt 186:
1.47 dtucker 187: if (use_dns)
188: canonical_host_name = host;
189: else
190: remote_ip = host;
191: return host;
1.1 deraadt 192: }
193:
1.8 markus 194: /*
1.35 stevesk 195: * Returns the local/remote IP-address/hostname of socket as a string.
196: * The returned string must be freed.
1.8 markus 197: */
1.27 itojun 198: static char *
1.40 avsm 199: get_socket_address(int sock, int remote, int flags)
1.1 deraadt 200: {
1.25 markus 201: struct sockaddr_storage addr;
202: socklen_t addrlen;
1.10 markus 203: char ntop[NI_MAXHOST];
1.42 djm 204: int r;
1.1 deraadt 205:
1.6 markus 206: /* Get IP address of client. */
1.25 markus 207: addrlen = sizeof(addr);
208: memset(&addr, 0, sizeof(addr));
209:
210: if (remote) {
1.40 avsm 211: if (getpeername(sock, (struct sockaddr *)&addr, &addrlen)
1.34 stevesk 212: < 0)
1.25 markus 213: return NULL;
214: } else {
1.40 avsm 215: if (getsockname(sock, (struct sockaddr *)&addr, &addrlen)
1.34 stevesk 216: < 0)
1.25 markus 217: return NULL;
218: }
219: /* Get the address in ascii. */
1.42 djm 220: if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
221: sizeof(ntop), NULL, 0, flags)) != 0) {
222: error("get_socket_address: getnameinfo %d failed: %s", flags,
223: r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r));
1.19 markus 224: return NULL;
225: }
226: return xstrdup(ntop);
1.25 markus 227: }
228:
229: char *
1.40 avsm 230: get_peer_ipaddr(int sock)
1.25 markus 231: {
1.34 stevesk 232: char *p;
233:
1.40 avsm 234: if ((p = get_socket_address(sock, 1, NI_NUMERICHOST)) != NULL)
1.34 stevesk 235: return p;
236: return xstrdup("UNKNOWN");
1.25 markus 237: }
238:
239: char *
1.40 avsm 240: get_local_ipaddr(int sock)
1.25 markus 241: {
1.34 stevesk 242: char *p;
243:
1.40 avsm 244: if ((p = get_socket_address(sock, 0, NI_NUMERICHOST)) != NULL)
1.34 stevesk 245: return p;
246: return xstrdup("UNKNOWN");
1.25 markus 247: }
248:
249: char *
1.40 avsm 250: get_local_name(int sock)
1.25 markus 251: {
1.40 avsm 252: return get_socket_address(sock, 0, NI_NAMEREQD);
1.19 markus 253: }
254:
255: /*
256: * Returns the IP-address of the remote host as a string. The returned
257: * string must not be freed.
258: */
1.10 markus 259:
1.19 markus 260: const char *
1.28 itojun 261: get_remote_ipaddr(void)
1.19 markus 262: {
263: static char *canonical_host_ip = NULL;
1.1 deraadt 264:
1.19 markus 265: /* Check whether we have cached the ipaddr. */
266: if (canonical_host_ip == NULL) {
267: if (packet_connection_is_on_socket()) {
268: canonical_host_ip =
269: get_peer_ipaddr(packet_get_connection_in());
270: if (canonical_host_ip == NULL)
1.38 markus 271: cleanup_exit(255);
1.19 markus 272: } else {
273: /* If not on socket, return UNKNOWN. */
274: canonical_host_ip = xstrdup("UNKNOWN");
275: }
276: }
1.6 markus 277: return canonical_host_ip;
1.24 stevesk 278: }
279:
280: const char *
1.37 markus 281: get_remote_name_or_ip(u_int utmp_len, int use_dns)
1.24 stevesk 282: {
283: static const char *remote = "";
284: if (utmp_len > 0)
1.37 markus 285: remote = get_canonical_hostname(use_dns);
1.24 stevesk 286: if (utmp_len == 0 || strlen(remote) > utmp_len)
287: remote = get_remote_ipaddr();
288: return remote;
1.1 deraadt 289: }
290:
1.10 markus 291: /* Returns the local/remote port for the socket. */
1.1 deraadt 292:
1.27 itojun 293: static int
1.10 markus 294: get_sock_port(int sock, int local)
1.1 deraadt 295: {
1.10 markus 296: struct sockaddr_storage from;
297: socklen_t fromlen;
298: char strport[NI_MAXSERV];
1.42 djm 299: int r;
1.1 deraadt 300:
1.6 markus 301: /* Get IP address of client. */
302: fromlen = sizeof(from);
303: memset(&from, 0, sizeof(from));
1.10 markus 304: if (local) {
305: if (getsockname(sock, (struct sockaddr *)&from, &fromlen) < 0) {
306: error("getsockname failed: %.100s", strerror(errno));
307: return 0;
308: }
309: } else {
1.35 stevesk 310: if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) {
1.10 markus 311: debug("getpeername failed: %.100s", strerror(errno));
1.43 markus 312: return -1;
1.10 markus 313: }
1.6 markus 314: }
315: /* Return port number. */
1.42 djm 316: if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0,
317: strport, sizeof(strport), NI_NUMERICSERV)) != 0)
318: fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed: %s",
319: r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r));
1.10 markus 320: return atoi(strport);
1.1 deraadt 321: }
322:
1.10 markus 323: /* Returns remote/local port number for the current connection. */
1.1 deraadt 324:
1.27 itojun 325: static int
1.10 markus 326: get_port(int local)
1.1 deraadt 327: {
1.8 markus 328: /*
329: * If the connection is not a socket, return 65535. This is
330: * intentionally chosen to be an unprivileged port number.
331: */
1.10 markus 332: if (!packet_connection_is_on_socket())
1.6 markus 333: return 65535;
1.1 deraadt 334:
1.10 markus 335: /* Get socket and return the port number. */
336: return get_sock_port(packet_get_connection_in(), local);
337: }
338:
1.12 markus 339: int
1.10 markus 340: get_peer_port(int sock)
341: {
342: return get_sock_port(sock, 0);
343: }
344:
1.12 markus 345: int
1.28 itojun 346: get_remote_port(void)
1.10 markus 347: {
1.41 djm 348: static int port = -1;
349:
350: /* Cache to avoid getpeername() on a dead connection */
351: if (port == -1)
352: port = get_port(0);
353:
354: return port;
1.10 markus 355: }
1.1 deraadt 356:
1.10 markus 357: int
1.28 itojun 358: get_local_port(void)
1.10 markus 359: {
360: return get_port(1);
1.1 deraadt 361: }