- (djm) OpenBSD CVS Sync:

   - [email protected]  2001/01/29 12:42:35
     [canohost.c canohost.h channels.c clientloop.c]
     add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS

ChangeLog

@@ -3,6 +3,9 @@
    - [email protected]  2001/01/29 09:55:37
      [channels.c channels.h clientloop.c serverloop.c]
      fix select overflow; ok deraadt@ and stevesk@
+   - [email protected]  2001/01/29 12:42:35
+     [canohost.c canohost.h channels.c clientloop.c]
+     add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
 
 20000129
  - (stevesk) sftp-server.c: use %lld vs. %qd

canohost.c

@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: canohost.c,v 1.18 2001/01/21 19:05:45 markus Exp $");
+RCSID("$OpenBSD: canohost.c,v 1.19 2001/01/29 19:42:33 markus Exp $");
 
 #include "packet.h"
 #include "xmalloc.h"
@@ -188,46 +188,55 @@ get_canonical_hostname()
 }
 
 /*
- * Returns the IP-address of the remote host as a string.  The returned
- * string must not be freed.
+ * Returns the remote IP-address of socket as a string.  The returned
+ * string must be freed.
  */
 
-const char *
-get_remote_ipaddr()
+char *
+get_peer_ipaddr(int socket)
 {
-	static char *canonical_host_ip = NULL;
 	struct sockaddr_storage from;
 	socklen_t fromlen;
-	int socket;
 	char ntop[NI_MAXHOST];
 
-	/* Check whether we have chached the name. */
-	if (canonical_host_ip != NULL)
-		return canonical_host_ip;
-
-	/* If not a socket, return UNKNOWN. */
-	if (!packet_connection_is_on_socket()) {
-		canonical_host_ip = xstrdup("UNKNOWN");
-		return canonical_host_ip;
-	}
-	/* Get client socket. */
-	socket = packet_get_connection_in();
-
 	/* Get IP address of client. */
 	fromlen = sizeof(from);
 	memset(&from, 0, sizeof(from));
 	if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) {
-		debug("getpeername failed: %.100s", strerror(errno));
-		fatal_cleanup();
+		debug("get_peer_ipaddr: getpeername failed: %.100s", strerror(errno));
+		return NULL;
 	}
 	/* Get the IP address in ascii. */
 	if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop),
-	     NULL, 0, NI_NUMERICHOST) != 0)
-		fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
+	     NULL, 0, NI_NUMERICHOST) != 0) {
+		error("get_peer_ipaddr: getnameinfo NI_NUMERICHOST failed");
+		return NULL;
+	}
+	return xstrdup(ntop);
+}
 
-	canonical_host_ip = xstrdup(ntop);
+/*
+ * Returns the IP-address of the remote host as a string.  The returned
+ * string must not be freed.
+ */
 
-	/* Return ip address string. */
+const char *
+get_remote_ipaddr()
+{
+	static char *canonical_host_ip = NULL;
+
+	/* Check whether we have cached the ipaddr. */
+	if (canonical_host_ip == NULL) {
+		if (packet_connection_is_on_socket()) {
+			canonical_host_ip =
+			    get_peer_ipaddr(packet_get_connection_in());
+			if (canonical_host_ip == NULL)
+				fatal_cleanup();
+		} else {
+			/* If not on socket, return UNKNOWN. */
+			canonical_host_ip = xstrdup("UNKNOWN");
+		}
+	}
 	return canonical_host_ip;
 }
 

canohost.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: canohost.h,v 1.2 2001/01/29 01:58:15 niklas Exp $	*/
+/*	$OpenBSD: canohost.h,v 1.3 2001/01/29 19:42:35 markus Exp $	*/
 
 /*
  * Author: Tatu Ylonen <[email protected]>
@@ -25,12 +25,13 @@ char   *get_remote_hostname(int socket);
 const char *get_canonical_hostname(void);
 
 /*
- * Returns the remote IP address as an ascii string.  The value need not be
- * freed by the caller.
+ * Returns the IP-address of the remote host as a string.  The returned
+ * string must not be freed.
  */
 const char *get_remote_ipaddr(void);
 
-/* Returns the port number of the peer of the socket. */
+/* Returns the ipaddr/port number of the peer of the socket. */
+char *	get_peer_ipaddr(int socket);
 int     get_peer_port(int sock);
 
 /* Returns the port number of the remote/local host. */

channels.c

@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.84 2001/01/29 16:55:36 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.85 2001/01/29 19:42:35 markus Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -546,7 +546,7 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
 	struct sockaddr addr;
 	int newsock, newch;
 	socklen_t addrlen;
-	char buf[16384], *remote_hostname;
+	char buf[16384], *remote_ipaddr;
 	int remote_port;
 
 	if (FD_ISSET(c->sock, readset)) {
@@ -557,10 +557,10 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
 			error("accept: %.100s", strerror(errno));
 			return;
 		}
-		remote_hostname = get_remote_hostname(newsock);
+		remote_ipaddr = get_peer_ipaddr(newsock);
 		remote_port = get_peer_port(newsock);
 		snprintf(buf, sizeof buf, "X11 connection from %.200s port %d",
-		    remote_hostname, remote_port);
+		    remote_ipaddr, remote_port);
 
 		newch = channel_new("x11",
 		    SSH_CHANNEL_OPENING, newsock, newsock, -1,
@@ -572,8 +572,8 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
 			packet_put_int(newch);
 			packet_put_int(c->local_window_max);
 			packet_put_int(c->local_maxpacket);
-			/* originator host and port */
-			packet_put_cstring(remote_hostname);
+			/* originator ipaddr and port */
+			packet_put_cstring(remote_ipaddr);
 			if (datafellows & SSH_BUG_X11FWD) {
 				debug("ssh2 x11 bug compat mode");
 			} else {
@@ -587,7 +587,7 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
 				packet_put_string(buf, strlen(buf));
 			packet_send();
 		}
-		xfree(remote_hostname);
+		xfree(remote_ipaddr);
 	}
 }
 

clientloop.c

@@ -59,7 +59,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.46 2001/01/29 16:55:36 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.47 2001/01/29 19:42:35 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1069,6 +1069,8 @@ client_request_x11(const char *request_type, int rchan)
 	}
 	packet_done();
 	/* XXX check permission */
+	debug("client_request_x11: request from %s %d", originator,
+	    originator_port);
 	sock = x11_connect_display();
 	if (sock >= 0) {
 		newch = channel_new("x11",