/* $OpenBSD: canohost.c,v 1.73 2016/03/07 19:02:43 djm Exp $ */
/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
 * Functions for returning the canonical host name of the remote site.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose. Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#include "includes.h"

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>

#include <netinet/in.h>
#include <arpa/inet.h>

#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include <unistd.h>

#include "xmalloc.h"
#include "packet.h"
#include "log.h"
#include "canohost.h"
#include "misc.h"

/*
 * Rewrites an IPv4-mapped IPv6 socket address in place as a plain AF_INET
 * address and updates *len to sizeof(struct sockaddr_in).  Any other
 * address is left untouched, and so is *len.
 *
 * NOTE(review): presumably this lets later address matching and logging
 * see one form for the same IPv4 peer -- confirm against the callers.
 */
void
ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len)
{
	struct sockaddr_in6 *v6 = (struct sockaddr_in6 *)addr;
	struct sockaddr_in *v4 = (struct sockaddr_in *)addr;
	struct in_addr embedded;
	u_int16_t saved_port;

	if (addr->ss_family != AF_INET6)
		return;
	if (!IN6_IS_ADDR_V4MAPPED(&v6->sin6_addr))
		return;

	debug3("Normalising mapped IPv4 in IPv6 address");

	/*
	 * v4 and v6 point at the same storage, so save the port and the
	 * IPv4 address (taken from offset 12 of the IPv6 address) before
	 * the structure is cleared.
	 */
	saved_port = v6->sin6_port;
	memcpy(&embedded, ((char *)&v6->sin6_addr) + 12, sizeof(embedded));

	memset(v4, 0, sizeof(*v4));

	v4->sin_family = AF_INET;
	v4->sin_port = saved_port;
	memcpy(&v4->sin_addr, &embedded, sizeof(embedded));
	*len = sizeof(*v4);
}

/*
 * Returns the address of one end of a socket as a newly allocated string
 * that the caller must free.  "remote" selects the peer end (getpeername)
 * over the local end (getsockname); "flags" is handed to getnameinfo().
 * Returns NULL when the address cannot be fetched or converted, or when
 * the address family is not AF_INET, AF_INET6 or AF_UNIX.
 */
static char *
get_socket_address(int sock, int remote, int flags)
{
	struct sockaddr_storage ss;
	socklen_t sslen = sizeof(ss);
	char host[NI_MAXHOST];
	int rc, gai;

	/* Zero-fill first: the AF_UNIX branch below reads sun_path as a string. */
	memset(&ss, 0, sizeof(ss));

	if (remote)
		rc = getpeername(sock, (struct sockaddr *)&ss, &sslen);
	else
		rc = getsockname(sock, (struct sockaddr *)&ss, &sslen);
	if (rc != 0)
		return NULL;

	/* Linux IPv6 workaround: force the length, then unmap v4-in-v6. */
	if (ss.ss_family == AF_INET6) {
		sslen = sizeof(struct sockaddr_in6);
		ipv64_normalise_mapped(&ss, &sslen);
	}

	if (ss.ss_family == AF_UNIX) {
		/*
		 * Return the Unix domain socket path.
		 * NOTE(review): termination of sun_path relies on the memset
		 * above if the kernel returns a path that fills the field;
		 * that assumes sockaddr_storage is larger than sockaddr_un --
		 * confirm for the target platform.
		 */
		return xstrdup(((struct sockaddr_un *)&ss)->sun_path);
	}

	/* Any other non-inet family has no representation here. */
	if (ss.ss_family != AF_INET && ss.ss_family != AF_INET6)
		return NULL;

	/* Convert the inet address to text as directed by flags. */
	gai = getnameinfo((struct sockaddr *)&ss, sslen, host, sizeof(host),
	    NULL, 0, flags);
	if (gai != 0) {
		error("%s: getnameinfo %d failed: %s", __func__,
		    flags, ssh_gai_strerror(gai));
		return NULL;
	}
	return xstrdup(host);
}

/*
 * Returns the numeric address of the socket's peer as an allocated string.
 * When it cannot be determined the literal string "UNKNOWN" is returned
 * instead of NULL, so callers that compare or match on the result have to
 * allow for that value.
 */
char *
get_peer_ipaddr(int sock)
{
	char *addr = get_socket_address(sock, 1, NI_NUMERICHOST);

	return addr != NULL ? addr : xstrdup("UNKNOWN");
}

/*
 * Returns the numeric local address of the socket as an allocated string,
 * or the literal string "UNKNOWN" when it cannot be determined.
 */
char *
get_local_ipaddr(int sock)
{
	char *addr = get_socket_address(sock, 0, NI_NUMERICHOST);

	return addr != NULL ? addr : xstrdup("UNKNOWN");
}

/*
 * Returns a host name for the local end of fd as an allocated string.
 * The socket's local address is tried first with NI_NAMEREQD; if that
 * yields nothing (for instance fd is a pipe), gethostname() is used, and
 * "UNKNOWN" is returned if that fails as well.
 *
 * NOTE(review): with NI_NAMEREQD the name is whatever getnameinfo()
 * returns for the local address, so treat it as informational.
 */
char *
get_local_name(int fd)
{
	char hostbuf[NI_MAXHOST];
	char *name;

	/* First assume fd is a socket. */
	name = get_socket_address(fd, 0, NI_NAMEREQD);
	if (name != NULL)
		return name;

	/* Not a usable socket address: fall back to the machine's own name. */
	if (gethostname(hostbuf, sizeof(hostbuf)) != -1)
		return xstrdup(hostbuf);

	verbose("%s: gethostname: %s", __func__, strerror(errno));
	return xstrdup("UNKNOWN");
}

/*
 * Returns the port number of one end of a socket: the local end when
 * "local" is non-zero, otherwise the peer end.
 *
 * Returns 0 if getsockname() fails or the socket is not AF_INET/AF_INET6,
 * and -1 if getpeername() fails.  A getnameinfo() failure is reported
 * through fatal().
 */
static int
get_sock_port(int sock, int local)
{
	struct sockaddr_storage ss;
	socklen_t sslen = sizeof(ss);
	char portbuf[NI_MAXSERV];
	int gai;

	memset(&ss, 0, sizeof(ss));

	if (local) {
		if (getsockname(sock, (struct sockaddr *)&ss, &sslen) < 0) {
			error("getsockname failed: %.100s", strerror(errno));
			return 0;
		}
	} else if (getpeername(sock, (struct sockaddr *)&ss, &sslen) < 0) {
		debug("getpeername failed: %.100s", strerror(errno));
		return -1;
	}

	switch (ss.ss_family) {
	case AF_INET6:
		/* Linux IPv6 workaround: force the address length. */
		sslen = sizeof(struct sockaddr_in6);
		break;
	case AF_INET:
		break;
	default:
		/* Non-inet sockets don't have a port number. */
		return 0;
	}

	/* Ask for the port in numeric form and convert it. */
	gai = getnameinfo((struct sockaddr *)&ss, sslen, NULL, 0,
	    portbuf, sizeof(portbuf), NI_NUMERICSERV);
	if (gai != 0)
		fatal("%s: getnameinfo NI_NUMERICSERV failed: %s", __func__,
		    ssh_gai_strerror(gai));
	return atoi(portbuf);
}

/* Returns the peer's port for the socket; -1 if getpeername() fails. */
int
get_peer_port(int sock)
{
	const int want_local = 0;

	return get_sock_port(sock, want_local);
}

/* Returns the local port for the socket; 0 if it cannot be determined. */
int
get_local_port(int sock)
{
	const int want_local = 1;

	return get_sock_port(sock, want_local);
}