diff options
author | Damien Miller <djm@mindrot.org> | 1999-11-15 15:25:10 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-11-15 15:25:10 +1100 |
commit | 2ccf661cbe0924a1549a74b5a4f970e90f94d6a9 (patch) | |
tree | 8bb7ea3cbe9d473e7f46b7084f563cc593cc5d47 /canohost.c | |
parent | cedfecc99e73f9661d4dc3cea8c88e57c6e0b487 (diff) |
- Merged more OpenBSD CVS changes:
[auth-krb4.c]
- disconnect if getpeername() fails
- missing xfree(*client)
[canohost.c]
- disconnect if getpeername() fails
- fix comment: we _do_ disconnect if ip-options are set
[sshd.c]
- disconnect if getpeername() fails
- move checking of remote port to central place
[auth-rhosts.c] move checking of remote port to central place
[log-server.c] avoid extra fd per sshd, from millert@
[readconf.c] print _all_ bad config-options in ssh(1), too
[readconf.h] print _all_ bad config-options in ssh(1), too
[ssh.c] print _all_ bad config-options in ssh(1), too
[sshconnect.c] disconnect if getpeername() fails
- OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
Diffstat (limited to 'canohost.c')
-rw-r--r-- | canohost.c | 17 |
1 files changed, 8 insertions, 9 deletions
@@ -14,7 +14,7 @@ Functions for returning the canonical host name of the remote site. */ #include "includes.h" -RCSID("$Id: canohost.c,v 1.1 1999/10/27 03:42:43 damien Exp $"); +RCSID("$Id: canohost.c,v 1.2 1999/11/15 04:25:10 damien Exp $"); #include "packet.h" #include "xmalloc.h" @@ -35,9 +35,8 @@ char *get_remote_hostname(int socket) memset(&from, 0, sizeof(from)); if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) { - error("getpeername failed: %.100s", strerror(errno)); - strlcpy(name, "UNKNOWN", sizeof name); - goto check_ip_options; + debug("getpeername failed: %.100s", strerror(errno)); + fatal_cleanup(); } /* Map the IP address to a host name. */ @@ -99,7 +98,7 @@ char *get_remote_hostname(int socket) check_ip_options: - /* If IP options are supported, make sure there are none (log and clear + /* If IP options are supported, make sure there are none (log and disconnect them if any are found). Basically we are worried about source routing; it can be used to pretend you are somebody (ip-address) you are not. That itself may be "almost acceptable" under certain circumstances, @@ -184,8 +183,8 @@ const char *get_remote_ipaddr() memset(&from, 0, sizeof(from)); if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) { - error("getpeername failed: %.100s", strerror(errno)); - return NULL; + debug("getpeername failed: %.100s", strerror(errno)); + fatal_cleanup(); } /* Get the IP address in ascii. */ @@ -207,8 +206,8 @@ int get_peer_port(int sock) memset(&from, 0, sizeof(from)); if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) { - error("getpeername failed: %.100s", strerror(errno)); - return 0; + debug("getpeername failed: %.100s", strerror(errno)); + fatal_cleanup(); } /* Return port number. */ |