diff options
| author | ume <ume@FreeBSD.org> | 2002-09-09 16:49:11 +0000 |
|---|---|---|
| committer | ume <ume@FreeBSD.org> | 2002-09-09 16:49:11 +0000 |
| commit | 03b3b7821749b83a01f99c9197e5913e82deef5b (patch) | |
| tree | bc8f37e43084c3da731c1102b41eddf16bd03714 /crypto | |
| parent | f005a7d8a019151f00fed1e56fd983935498ec67 (diff) | |
| download | FreeBSD-src-03b3b7821749b83a01f99c9197e5913e82deef5b.zip FreeBSD-src-03b3b7821749b83a01f99c9197e5913e82deef5b.tar.gz | |
sshd didn't handle actual size of struct sockaddr correctly,
and did copy it as long as just size of struct sockaddr. So,
If connection is via IPv6, sshd didn't log hostname into utmp
correctly.
This problem occured only under FreeBSD because of our hack.
However, this is potential problem of OpenSSH-portable, and
they agreed to fix this.
Though, there is no fixed version of OpenSSH-portable available
yet, since this problem is serious for IPv6 users, I commit the
fix.
Reported by: many people
Reviewed by: current@ and stable@ (no objection)
MFC after: 3 days
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/openssh/monitor.c | 4 | ||||
| -rw-r--r-- | crypto/openssh/session.c | 8 | ||||
| -rw-r--r-- | crypto/openssh/sshlogin.c | 8 | ||||
| -rw-r--r-- | crypto/openssh/sshlogin.h | 5 |
4 files changed, 13 insertions, 12 deletions
diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c index e5b7301..1d929c2 100644 --- a/crypto/openssh/monitor.c +++ b/crypto/openssh/monitor.c @@ -1113,8 +1113,8 @@ mm_record_login(Session *s, struct passwd *pw) * the address be 0.0.0.0. */ memset(&from, 0, sizeof(from)); + fromlen = sizeof(from); if (packet_connection_is_on_socket()) { - fromlen = sizeof(from); if (getpeername(packet_get_connection_in(), (struct sockaddr *) & from, &fromlen) < 0) { debug("getpeername: %.100s", strerror(errno)); @@ -1124,7 +1124,7 @@ mm_record_login(Session *s, struct passwd *pw) /* Record that there was a login on that tty from the remote host. */ record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid, get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), - (struct sockaddr *)&from); + (struct sockaddr *)&from, fromlen); } static void diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c index ad00f29..87139cf 100644 --- a/crypto/openssh/session.c +++ b/crypto/openssh/session.c @@ -669,8 +669,8 @@ do_pre_login(Session *s) * the address be 0.0.0.0. */ memset(&from, 0, sizeof(from)); + fromlen = sizeof(from); if (packet_connection_is_on_socket()) { - fromlen = sizeof(from); if (getpeername(packet_get_connection_in(), (struct sockaddr *) & from, &fromlen) < 0) { debug("getpeername: %.100s", strerror(errno)); @@ -680,7 +680,7 @@ do_pre_login(Session *s) record_utmp_only(pid, s->tty, s->pw->pw_name, get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), - (struct sockaddr *)&from); + (struct sockaddr *)&from, fromlen); } #endif @@ -721,8 +721,8 @@ do_login(Session *s, const char *command) * the address be 0.0.0.0. */ memset(&from, 0, sizeof(from)); + fromlen = sizeof(from); if (packet_connection_is_on_socket()) { - fromlen = sizeof(from); if (getpeername(packet_get_connection_in(), (struct sockaddr *) & from, &fromlen) < 0) { debug("getpeername: %.100s", strerror(errno)); @@ -735,7 +735,7 @@ do_login(Session *s, const char *command) record_login(pid, s->tty, pw->pw_name, pw->pw_uid, get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), - (struct sockaddr *)&from); + (struct sockaddr *)&from, fromlen); #ifdef USE_PAM /* diff --git a/crypto/openssh/sshlogin.c b/crypto/openssh/sshlogin.c index a794672..4549a2a 100644 --- a/crypto/openssh/sshlogin.c +++ b/crypto/openssh/sshlogin.c @@ -66,12 +66,12 @@ get_last_login_time(uid_t uid, const char *logname, */ void record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, - const char *host, struct sockaddr * addr) + const char *host, struct sockaddr * addr, socklen_t addrlen) { struct logininfo *li; li = login_alloc_entry(pid, user, host, ttyname); - login_set_addr(li, addr, sizeof(struct sockaddr)); + login_set_addr(li, addr, addrlen); login_login(li); login_free_entry(li); } @@ -79,12 +79,12 @@ record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, #ifdef LOGIN_NEEDS_UTMPX void record_utmp_only(pid_t pid, const char *ttyname, const char *user, - const char *host, struct sockaddr * addr) + const char *host, struct sockaddr * addr, socklen_t addrlen) { struct logininfo *li; li = login_alloc_entry(pid, user, host, ttyname); - login_set_addr(li, addr, sizeof(struct sockaddr)); + login_set_addr(li, addr, addrlen); login_utmp_only(li); login_free_entry(li); } diff --git a/crypto/openssh/sshlogin.h b/crypto/openssh/sshlogin.h index bd30278..9f0d5f0 100644 --- a/crypto/openssh/sshlogin.h +++ b/crypto/openssh/sshlogin.h @@ -1,4 +1,5 @@ /* $OpenBSD: sshlogin.h,v 1.3 2001/06/26 17:27:25 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -16,13 +17,13 @@ void record_login(pid_t, const char *, const char *, uid_t, - const char *, struct sockaddr *); + const char *, struct sockaddr *, socklen_t); void record_logout(pid_t, const char *, const char *); u_long get_last_login_time(uid_t, const char *, char *, u_int); #ifdef LOGIN_NEEDS_UTMPX void record_utmp_only(pid_t, const char *, const char *, const char *, - struct sockaddr *); + struct sockaddr *, socklen_t); #endif #endif |
