X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/f75502950b37cf202332387df3af2dec27e65535..fcb69e5cdcfdfd0bdcea2127e5f4c9133a2282b9:/clientname.c diff --git a/clientname.c b/clientname.c index f83eb8d3..e1aeb35b 100644 --- a/clientname.c +++ b/clientname.c @@ -74,6 +74,9 @@ static int get_sockaddr_family(const struct sockaddr_storage *ss) * If anything goes wrong, including the name->addr->name check, then * we just use "UNKNOWN", so you can use that value in hosts allow * lines. + * + * After translation from sockaddr to name we do a forward lookup to + * make sure nobody is spoofing PTR records. **/ char *client_name(int fd) { @@ -90,8 +93,9 @@ char *client_name(int fd) client_sockaddr(fd, &ss, &ss_len); - if (!lookup_name(fd, &ss, ss_len, name_buf, sizeof name_buf, port_buf, sizeof port_buf)) - check_name(fd, &ss, ss_len, name_buf, port_buf); + if (!lookup_name(fd, &ss, ss_len, name_buf, sizeof name_buf, + port_buf, sizeof port_buf)) + check_name(fd, &ss, name_buf); return name_buf; } @@ -149,6 +153,8 @@ void client_sockaddr(int fd, /** * Look up a name from @p ss into @p name_buf. + * + * @param fd file descriptor for client socket. **/ int lookup_name(int fd, const struct sockaddr_storage *ss, socklen_t ss_len, @@ -185,7 +191,6 @@ int compare_addrinfo_sockaddr(const struct addrinfo *ai, { int ss_family = get_sockaddr_family(ss); const char fn[] = "compare_addrinfo_sockaddr"; - size_t valid_len; if (ai->ai_family != ss_family) { rprintf(FERROR, @@ -194,21 +199,31 @@ int compare_addrinfo_sockaddr(const struct addrinfo *ai, return 1; } - switch (ss_family) { - case AF_INET: - valid_len = sizeof (struct sockaddr_in); - break; + /* The comparison method depends on the particular AF. */ + if (ss_family == AF_INET) { + const struct sockaddr_in *sin1, *sin2; + + sin1 = (const struct sockaddr_in *) ss; + sin2 = (const struct sockaddr_in *) ai->ai_addr; + + return memcmp(&sin1->sin_addr, &sin2->sin_addr, + sizeof sin1->sin_addr); + } #ifdef INET6 - case AF_INET6: - valid_len = sizeof (struct sockaddr_in6); - break; -#endif - default: - /* Don't know what to do! */ + else if (ss_family == AF_INET6) { + const struct sockaddr_in6 *sin1, *sin2; + + sin1 = (const struct sockaddr_in6 *) ss; + sin2 = (const struct sockaddr_in6 *) ai->ai_addr; + + return memcmp(&sin1->sin6_addr, &sin2->sin6_addr, + sizeof sin1->sin6_addr); + } +#endif /* INET6 */ + else { + /* don't know */ return 1; } - - return memcmp(ss, ai->ai_addr, valid_len); } @@ -217,22 +232,24 @@ int compare_addrinfo_sockaddr(const struct addrinfo *ai, * @p ss -- otherwise we may be being spoofed. If we suspect we are, * then we don't abort the connection but just emit a warning, and * change @p name_buf to be "UNKNOWN". + * + * We don't do anything with the service when checking the name, + * because it doesn't seem that it could be spoofed in any way, and + * getaddrinfo on random service names seems to cause problems on AIX. **/ int check_name(int fd, const struct sockaddr_storage *ss, - socklen_t ss_len, - char *name_buf, - const char *port_buf) + char *name_buf) { struct addrinfo hints, *res, *res0; int error; int ss_family = get_sockaddr_family(ss); memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_flags = ss_family; + hints.ai_family = ss_family; + hints.ai_flags = AI_CANONNAME; hints.ai_socktype = SOCK_STREAM; - error = getaddrinfo(name_buf, port_buf, &hints, &res0); + error = getaddrinfo(name_buf, NULL, &hints, &res0); if (error) { rprintf(FERROR, RSYNC_NAME ": forward name lookup for %s failed: %s\n",