1*ba1276acSMatthew Dillon /* $OpenBSD: canohost.c,v 1.77 2023/03/31 04:42:29 dtucker Exp $ */
218de8d7fSPeter Avalos /*
318de8d7fSPeter Avalos * Author: Tatu Ylonen <ylo@cs.hut.fi>
418de8d7fSPeter Avalos * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
518de8d7fSPeter Avalos * All rights reserved
618de8d7fSPeter Avalos * Functions for returning the canonical host name of the remote site.
718de8d7fSPeter Avalos *
818de8d7fSPeter Avalos * As far as I am concerned, the code I have written for this software
918de8d7fSPeter Avalos * can be used freely for any purpose. Any derived versions of this
1018de8d7fSPeter Avalos * software must be clearly marked as such, and if the derived work is
1118de8d7fSPeter Avalos * incompatible with the protocol description in the RFC file, it must be
1218de8d7fSPeter Avalos * called by a name other than "ssh" or "Secure Shell".
1318de8d7fSPeter Avalos */
1418de8d7fSPeter Avalos
1518de8d7fSPeter Avalos #include "includes.h"
1618de8d7fSPeter Avalos
1718de8d7fSPeter Avalos #include <sys/types.h>
1818de8d7fSPeter Avalos #include <sys/socket.h>
1936e94dc5SPeter Avalos #include <sys/un.h>
2018de8d7fSPeter Avalos
2118de8d7fSPeter Avalos #include <netinet/in.h>
2218de8d7fSPeter Avalos #include <arpa/inet.h>
2318de8d7fSPeter Avalos
2418de8d7fSPeter Avalos #include <errno.h>
2518de8d7fSPeter Avalos #include <netdb.h>
2618de8d7fSPeter Avalos #include <stdio.h>
2718de8d7fSPeter Avalos #include <stdlib.h>
2818de8d7fSPeter Avalos #include <string.h>
2918de8d7fSPeter Avalos #include <stdarg.h>
30856ea928SPeter Avalos #include <unistd.h>
3118de8d7fSPeter Avalos
3218de8d7fSPeter Avalos #include "xmalloc.h"
3318de8d7fSPeter Avalos #include "packet.h"
3418de8d7fSPeter Avalos #include "log.h"
3518de8d7fSPeter Avalos #include "canohost.h"
3618de8d7fSPeter Avalos #include "misc.h"
3718de8d7fSPeter Avalos
3818de8d7fSPeter Avalos void
ipv64_normalise_mapped(struct sockaddr_storage * addr,socklen_t * len)3918de8d7fSPeter Avalos ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len)
4018de8d7fSPeter Avalos {
4118de8d7fSPeter Avalos struct sockaddr_in6 *a6 = (struct sockaddr_in6 *)addr;
4218de8d7fSPeter Avalos struct sockaddr_in *a4 = (struct sockaddr_in *)addr;
4318de8d7fSPeter Avalos struct in_addr inaddr;
4418de8d7fSPeter Avalos u_int16_t port;
4518de8d7fSPeter Avalos
4618de8d7fSPeter Avalos if (addr->ss_family != AF_INET6 ||
4718de8d7fSPeter Avalos !IN6_IS_ADDR_V4MAPPED(&a6->sin6_addr))
4818de8d7fSPeter Avalos return;
4918de8d7fSPeter Avalos
5018de8d7fSPeter Avalos debug3("Normalising mapped IPv4 in IPv6 address");
5118de8d7fSPeter Avalos
5218de8d7fSPeter Avalos memcpy(&inaddr, ((char *)&a6->sin6_addr) + 12, sizeof(inaddr));
5318de8d7fSPeter Avalos port = a6->sin6_port;
5418de8d7fSPeter Avalos
5536e94dc5SPeter Avalos memset(a4, 0, sizeof(*a4));
5618de8d7fSPeter Avalos
5718de8d7fSPeter Avalos a4->sin_family = AF_INET;
5818de8d7fSPeter Avalos *len = sizeof(*a4);
5918de8d7fSPeter Avalos memcpy(&a4->sin_addr, &inaddr, sizeof(inaddr));
6018de8d7fSPeter Avalos a4->sin_port = port;
6118de8d7fSPeter Avalos }
6218de8d7fSPeter Avalos
6318de8d7fSPeter Avalos /*
6418de8d7fSPeter Avalos * Returns the local/remote IP-address/hostname of socket as a string.
6518de8d7fSPeter Avalos * The returned string must be freed.
6618de8d7fSPeter Avalos */
6718de8d7fSPeter Avalos static char *
get_socket_address(int sock,int remote,int flags)6818de8d7fSPeter Avalos get_socket_address(int sock, int remote, int flags)
6918de8d7fSPeter Avalos {
7018de8d7fSPeter Avalos struct sockaddr_storage addr;
7118de8d7fSPeter Avalos socklen_t addrlen;
7218de8d7fSPeter Avalos char ntop[NI_MAXHOST];
7318de8d7fSPeter Avalos int r;
7418de8d7fSPeter Avalos
75*ba1276acSMatthew Dillon if (sock < 0)
76*ba1276acSMatthew Dillon return NULL;
77*ba1276acSMatthew Dillon
7818de8d7fSPeter Avalos /* Get IP address of client. */
7918de8d7fSPeter Avalos addrlen = sizeof(addr);
8018de8d7fSPeter Avalos memset(&addr, 0, sizeof(addr));
8118de8d7fSPeter Avalos
8218de8d7fSPeter Avalos if (remote) {
83e9778795SPeter Avalos if (getpeername(sock, (struct sockaddr *)&addr, &addrlen) != 0)
8418de8d7fSPeter Avalos return NULL;
8518de8d7fSPeter Avalos } else {
86e9778795SPeter Avalos if (getsockname(sock, (struct sockaddr *)&addr, &addrlen) != 0)
8718de8d7fSPeter Avalos return NULL;
8818de8d7fSPeter Avalos }
8918de8d7fSPeter Avalos
9018de8d7fSPeter Avalos /* Work around Linux IPv6 weirdness */
91e9778795SPeter Avalos if (addr.ss_family == AF_INET6) {
9218de8d7fSPeter Avalos addrlen = sizeof(struct sockaddr_in6);
93e9778795SPeter Avalos ipv64_normalise_mapped(&addr, &addrlen);
9436e94dc5SPeter Avalos }
9536e94dc5SPeter Avalos
96e9778795SPeter Avalos switch (addr.ss_family) {
97e9778795SPeter Avalos case AF_INET:
98e9778795SPeter Avalos case AF_INET6:
9918de8d7fSPeter Avalos /* Get the address in ascii. */
10018de8d7fSPeter Avalos if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
10118de8d7fSPeter Avalos sizeof(ntop), NULL, 0, flags)) != 0) {
10250a69bb5SSascha Wildner error_f("getnameinfo %d failed: %s",
103e9778795SPeter Avalos flags, ssh_gai_strerror(r));
10418de8d7fSPeter Avalos return NULL;
10518de8d7fSPeter Avalos }
10618de8d7fSPeter Avalos return xstrdup(ntop);
107e9778795SPeter Avalos case AF_UNIX:
108e9778795SPeter Avalos /* Get the Unix domain socket path. */
109e9778795SPeter Avalos return xstrdup(((struct sockaddr_un *)&addr)->sun_path);
110e9778795SPeter Avalos default:
111e9778795SPeter Avalos /* We can't look up remote Unix domain sockets. */
112e9778795SPeter Avalos return NULL;
113e9778795SPeter Avalos }
11418de8d7fSPeter Avalos }
11518de8d7fSPeter Avalos
11618de8d7fSPeter Avalos char *
get_peer_ipaddr(int sock)11718de8d7fSPeter Avalos get_peer_ipaddr(int sock)
11818de8d7fSPeter Avalos {
11918de8d7fSPeter Avalos char *p;
12018de8d7fSPeter Avalos
12118de8d7fSPeter Avalos if ((p = get_socket_address(sock, 1, NI_NUMERICHOST)) != NULL)
12218de8d7fSPeter Avalos return p;
12318de8d7fSPeter Avalos return xstrdup("UNKNOWN");
12418de8d7fSPeter Avalos }
12518de8d7fSPeter Avalos
12618de8d7fSPeter Avalos char *
get_local_ipaddr(int sock)12718de8d7fSPeter Avalos get_local_ipaddr(int sock)
12818de8d7fSPeter Avalos {
12918de8d7fSPeter Avalos char *p;
13018de8d7fSPeter Avalos
13118de8d7fSPeter Avalos if ((p = get_socket_address(sock, 0, NI_NUMERICHOST)) != NULL)
13218de8d7fSPeter Avalos return p;
13318de8d7fSPeter Avalos return xstrdup("UNKNOWN");
13418de8d7fSPeter Avalos }
13518de8d7fSPeter Avalos
13618de8d7fSPeter Avalos char *
get_local_name(int fd)137856ea928SPeter Avalos get_local_name(int fd)
13818de8d7fSPeter Avalos {
139856ea928SPeter Avalos char *host, myname[NI_MAXHOST];
140856ea928SPeter Avalos
141856ea928SPeter Avalos /* Assume we were passed a socket */
142856ea928SPeter Avalos if ((host = get_socket_address(fd, 0, NI_NAMEREQD)) != NULL)
143856ea928SPeter Avalos return host;
144856ea928SPeter Avalos
145856ea928SPeter Avalos /* Handle the case where we were passed a pipe */
146856ea928SPeter Avalos if (gethostname(myname, sizeof(myname)) == -1) {
14750a69bb5SSascha Wildner verbose_f("gethostname: %s", strerror(errno));
148e9778795SPeter Avalos host = xstrdup("UNKNOWN");
149856ea928SPeter Avalos } else {
150856ea928SPeter Avalos host = xstrdup(myname);
151856ea928SPeter Avalos }
152856ea928SPeter Avalos
153856ea928SPeter Avalos return host;
15418de8d7fSPeter Avalos }
15518de8d7fSPeter Avalos
15618de8d7fSPeter Avalos /* Returns the local/remote port for the socket. */
15718de8d7fSPeter Avalos
158e9778795SPeter Avalos static int
get_sock_port(int sock,int local)15918de8d7fSPeter Avalos get_sock_port(int sock, int local)
16018de8d7fSPeter Avalos {
16118de8d7fSPeter Avalos struct sockaddr_storage from;
16218de8d7fSPeter Avalos socklen_t fromlen;
16318de8d7fSPeter Avalos char strport[NI_MAXSERV];
16418de8d7fSPeter Avalos int r;
16518de8d7fSPeter Avalos
166*ba1276acSMatthew Dillon if (sock < 0)
167*ba1276acSMatthew Dillon return -1;
16818de8d7fSPeter Avalos /* Get IP address of client. */
16918de8d7fSPeter Avalos fromlen = sizeof(from);
17018de8d7fSPeter Avalos memset(&from, 0, sizeof(from));
17118de8d7fSPeter Avalos if (local) {
1720cbfa66cSDaniel Fojt if (getsockname(sock, (struct sockaddr *)&from, &fromlen) == -1) {
17318de8d7fSPeter Avalos error("getsockname failed: %.100s", strerror(errno));
17418de8d7fSPeter Avalos return 0;
17518de8d7fSPeter Avalos }
17618de8d7fSPeter Avalos } else {
1770cbfa66cSDaniel Fojt if (getpeername(sock, (struct sockaddr *)&from, &fromlen) == -1) {
17818de8d7fSPeter Avalos debug("getpeername failed: %.100s", strerror(errno));
17918de8d7fSPeter Avalos return -1;
18018de8d7fSPeter Avalos }
18118de8d7fSPeter Avalos }
18218de8d7fSPeter Avalos
18318de8d7fSPeter Avalos /* Work around Linux IPv6 weirdness */
18418de8d7fSPeter Avalos if (from.ss_family == AF_INET6)
18518de8d7fSPeter Avalos fromlen = sizeof(struct sockaddr_in6);
18618de8d7fSPeter Avalos
187e9778795SPeter Avalos /* Non-inet sockets don't have a port number. */
188e9778795SPeter Avalos if (from.ss_family != AF_INET && from.ss_family != AF_INET6)
18936e94dc5SPeter Avalos return 0;
19036e94dc5SPeter Avalos
19118de8d7fSPeter Avalos /* Return port number. */
19218de8d7fSPeter Avalos if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0,
19318de8d7fSPeter Avalos strport, sizeof(strport), NI_NUMERICSERV)) != 0)
19450a69bb5SSascha Wildner fatal_f("getnameinfo NI_NUMERICSERV failed: %s",
19518de8d7fSPeter Avalos ssh_gai_strerror(r));
19618de8d7fSPeter Avalos return atoi(strport);
19718de8d7fSPeter Avalos }
19818de8d7fSPeter Avalos
19918de8d7fSPeter Avalos int
get_peer_port(int sock)20018de8d7fSPeter Avalos get_peer_port(int sock)
20118de8d7fSPeter Avalos {
20218de8d7fSPeter Avalos return get_sock_port(sock, 0);
20318de8d7fSPeter Avalos }
20418de8d7fSPeter Avalos
20518de8d7fSPeter Avalos int
get_local_port(int sock)206e9778795SPeter Avalos get_local_port(int sock)
20718de8d7fSPeter Avalos {
208e9778795SPeter Avalos return get_sock_port(sock, 1);
20918de8d7fSPeter Avalos }
210