X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/e22de16264d3c5a05b3869692af52b1ccdf3aa80..f578043391634ae1d345e84657fec7ecfb0f34a0:/socket.c

diff --git a/socket.c b/socket.c
index 27260a1b..790a86d9 100644
--- a/socket.c
+++ b/socket.c
@@ -81,7 +81,7 @@ static int open_socket_in(int type, int port)
 		return -1;
 	}
   
-	bzero((char *)&sock,sizeof(sock));
+	memset((char *)&sock,0,sizeof(sock));
 	memcpy((char *)&sock.sin_addr,(char *)hp->h_addr, hp->h_length);
 	sock.sin_port = htons(port);
 	sock.sin_family = hp->h_addrtype;
@@ -125,12 +125,12 @@ void start_accept_loop(int port, int (*fn)(int ))
 	/* open an incoming socket */
 	s = open_socket_in(SOCK_STREAM, port);
 	if (s == -1)
-		exit(1);
+		exit_cleanup(1);
 
 	/* ready to listen */
 	if (listen(s, 5) == -1) {
 		close(s);
-		exit(1);
+		exit_cleanup(1);
 	}
 
 
@@ -216,6 +216,8 @@ set user socket options
 void set_socket_options(int fd, char *options)
 {
 	char *tok;
+	if (!options || !*options) return;
+
 	options = strdup(options);
 	
 	if (!options) out_of_memory("set_socket_options");
@@ -306,7 +308,7 @@ char *client_addr(int fd)
 	static char addr_buf[100];
 
 	if (getpeername(fd, &sa, &length)) {
-		exit(1);
+		exit_cleanup(1);
 	}
 
 	strlcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr), sizeof(addr_buf)-1);
@@ -325,11 +327,13 @@ char *client_name(int fd)
 	int     length = sizeof(sa);
 	static char name_buf[100];
 	struct hostent *hp;
+	char **p;
+	char *def = "UNKNOWN";
 
-	strcpy(name_buf,"UNKNOWN");
+	strcpy(name_buf,def);
 
 	if (getpeername(fd, &sa, &length)) {
-		exit(1);
+		exit_cleanup(1);
 	}
 
 	/* Look up the remote host name. */
@@ -339,5 +343,23 @@ char *client_name(int fd)
 		strlcpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1);
 	}
 
+
+	/* do a forward lookup as well to prevent spoofing */
+	hp = gethostbyname(name_buf);
+	if (!hp) {
+		strcpy(name_buf,def);
+		rprintf(FERROR,"reverse name lookup failed\n");
+	} else {
+		for (p=hp->h_addr_list;*p;p++) {
+			if (memcmp(*p, &sockin->sin_addr, hp->h_length) == 0) {
+				break;
+			}
+		}
+		if (!*p) {
+			strcpy(name_buf,def);
+			rprintf(FERROR,"reverse name lookup mismatch - spoofed address?\n");
+		} 
+	}
+
 	return name_buf;
 }