jonathan/openssh
1
0
Fork 0
forked from rpms/openssh
Code Pull Requests Activity

set a client's address right after a connection is set

Browse Source 
http://bugzilla.mindrot.org/show_bug.cgi?id=2257
This commit is contained in:
Petr Lautrbach 2014-09-01 17:35:01 +02:00
parent 662c5a05b3
commit 0a3f4e122d
2 changed files with 91 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
openssh-6.6p1-set_remote_ipaddr.patch Normal file
View File

@ -0,0 +1,87 @@
diff --git a/canohost.c b/canohost.c
index 97ce58c..1f9320a 100644
--- a/canohost.c
+++ b/canohost.c
@@ -338,6 +338,21 @@ clear_cached_addr(void)
cached_port = -1;
}
+void set_remote_ipaddr(void) {
+ if (canonical_host_ip != NULL)
+ free(canonical_host_ip);
+
+ if (packet_connection_is_on_socket()) {
+ canonical_host_ip =
+ get_peer_ipaddr(packet_get_connection_in());
+ if (canonical_host_ip == NULL)
+ cleanup_exit(255);
+ } else {
+ /* If not on socket, return UNKNOWN. */
+ canonical_host_ip = xstrdup("UNKNOWN");
+ }
+}
+
/*
* Returns the IP-address of the remote host as a string. The returned
* string must not be freed.
@@ -347,17 +362,9 @@ const char *
get_remote_ipaddr(void)
{
/* Check whether we have cached the ipaddr. */
- if (canonical_host_ip == NULL) {
- if (packet_connection_is_on_socket()) {
- canonical_host_ip =
- get_peer_ipaddr(packet_get_connection_in());
- if (canonical_host_ip == NULL)
- cleanup_exit(255);
- } else {
- /* If not on socket, return UNKNOWN. */
- canonical_host_ip = xstrdup("UNKNOWN");
- }
- }
+ if (canonical_host_ip == NULL)
+ set_remote_ipaddr();
+
return canonical_host_ip;
}
diff --git a/canohost.h b/canohost.h
index 4c8636f..4079953 100644
--- a/canohost.h
+++ b/canohost.h
@@ -13,6 +13,7 @@
*/
const char *get_canonical_hostname(int);
+void set_remote_ipaddr(void);
const char *get_remote_ipaddr(void);
const char *get_remote_name_or_ip(u_int, int);
diff --git a/sshconnect.c b/sshconnect.c
index e636f33..451a58b 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -62,6 +62,7 @@
#include "monitor_fdpass.h"
#include "ssh2.h"
#include "version.h"
+#include "canohost.h"
char *client_version_string = NULL;
char *server_version_string = NULL;
@@ -170,6 +171,7 @@ ssh_proxy_fdpass_connect(const char *host, u_short port,
/* Set the connection file descriptors. */
packet_set_connection(sock, sock);
+ set_remote_ipaddr();
return 0;
}
@@ -492,6 +494,7 @@ ssh_connect_direct(const char *host, struct addrinfo *aitop,
/* Set the connection. */
packet_set_connection(sock, sock);
+ set_remote_ipaddr();
return 0;
}

4
openssh.spec
View File

@ -191,6 +191,9 @@ Patch908: openssh-6.6p1-CVE-2014-2653.patch
Patch909: openssh-5618210618256bbf5f4f71b2887ff186fd451736.patch Patch909: openssh-5618210618256bbf5f4f71b2887ff186fd451736.patch
# standardise on NI_MAXHOST for gethostname() string lengths (#1051490) # standardise on NI_MAXHOST for gethostname() string lengths (#1051490)
Patch910: openssh-6.6.1p1-NI_MAXHOST.patch Patch910: openssh-6.6.1p1-NI_MAXHOST.patch
# set a client's address right after a connection is set
# http://bugzilla.mindrot.org/show_bug.cgi?id=2257
Patch911: openssh-6.6p1-set_remote_ipaddr.patch
License: BSD License: BSD
Group: Applications/Internet Group: Applications/Internet
@ -395,6 +398,7 @@ popd
%patch908 -p1 -b .CVE-2014-2653 %patch908 -p1 -b .CVE-2014-2653
%patch909 -p1 -b .6.6.1 %patch909 -p1 -b .6.6.1
%patch910 -p1 -b .NI_MAXHOST %patch910 -p1 -b .NI_MAXHOST
%patch911 -p1 -b .set_remote_ipaddr
%patch200 -p1 -b .audit %patch200 -p1 -b .audit
%patch700 -p1 -b .fips %patch700 -p1 -b .fips