/* open an incoming socket */
s = open_socket_in(SOCK_STREAM, port);
if (s == -1)
- exit(1);
+ exit_cleanup(1);
/* ready to listen */
if (listen(s, 5) == -1) {
close(s);
- exit(1);
+ exit_cleanup(1);
}
void set_socket_options(int fd, char *options)
{
char *tok;
+ if (!options || !*options) return;
+
options = strdup(options);
if (!options) out_of_memory("set_socket_options");
static char addr_buf[100];
if (getpeername(fd, &sa, &length)) {
- exit(1);
+ exit_cleanup(1);
}
strlcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr), sizeof(addr_buf)-1);
int length = sizeof(sa);
static char name_buf[100];
struct hostent *hp;
+ char **p;
+ char *def = "UNKNOWN";
- strcpy(name_buf,"UNKNOWN");
+ strcpy(name_buf,def);
if (getpeername(fd, &sa, &length)) {
- exit(1);
+ exit_cleanup(1);
}
/* Look up the remote host name. */
strlcpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1);
}
+
+ /* do a forward lookup as well to prevent spoofing */
+ hp = gethostbyname(name_buf);
+ if (!hp) {
+ strcpy(name_buf,def);
+ rprintf(FERROR,"reverse name lookup failed\n");
+ } else {
+ for (p=hp->h_addr_list;*p;p++) {
+ if (memcmp(*p, &sockin->sin_addr, hp->h_length) == 0) {
+ break;
+ }
+ }
+ if (!*p) {
+ strcpy(name_buf,def);
+ rprintf(FERROR,"reverse name lookup mismatch - spoofed address?\n");
+ }
+ }
+
return name_buf;
}