[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-120-g3e80d
|
From: |
Mats Erik Andersson |
|
Subject: |
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-120-g3e80d3a |
|
Date: |
Tue, 26 Jun 2012 17:31:06 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".
The branch, master has been updated
via 3e80d3ab10a603309fc51ac899361bd2dcf83bdf (commit)
via 929d612adb27bc6a5aed4b4b5a3c5ba6ab975189 (commit)
from 164de7caca05f8920e45c5a9b81e7a3069536b86 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=3e80d3ab10a603309fc51ac899361bd2dcf83bdf
commit 3e80d3ab10a603309fc51ac899361bd2dcf83bdf
Author: Mats Erik Andersson <address@hidden>
Date: Mon Jun 25 23:43:06 2012 +0200
rlogind: Address manipulations.
diff --git a/ChangeLog b/ChangeLog
index d88857c..01de26d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,32 @@
2012-06-25 Mats Erik Andersson <address@hidden>
+ rlogind: Prepare for address independence.
+ Update some coding techniques to simplify later
+ IPv6 migration.
+
+ * libinetutils/shishi_def.h (struct auth_data):
+ New members `socklen_t fromlen', `char *hostaddr'.
+ * src/rlogind.c (struct auth_data): Likewise.
+ (rlogin_daemon) [HAVE_STRUCT_SOCKADDR_IN_SIN_LEN]:
+ Assign missing value for `saddr.sin_len'.
+ (rlogind_auth): Use `ap->hostaddr' as address string.
+ [HAVE_DECL_GETNAMEINFO || HAVE_DECL_GETADDRINFO]:
+ New variables RC and HOSTSTR; delete HP in this case.
+ [HAVE_DECL_GETNAMEINFO]: Alternate code for finding
+ host name.
+ [HAVE_DECL_GETADDRINFO && HAVE_DECL_GETNAMEINFO]:
+ Alternate code for host name validation.
+ (rlogind_mainloop): Deleted variable SIZE. New
+ variables ADDRSTR and REPLY. Put socket address
+ size in `auth_data.fromlen'. Determine host address
+ `auth_data.hostaddr' by calling inet_ntop() once.
+ [WITH_IRUSEROK_SA || WITH_IRUSEROK_AF || WITH_IRUSEROK]:
+ Choose the best available iruserok variant.
+ [WITH_RUSEROK_AF || WITH_RUSEROK]: Choose best variant.
+ (do_shishi_login): Compute SOCKLEN as `sizeof (sock)'.
+
+2012-06-25 Mats Erik Andersson <address@hidden>
+
rcp, rlogin, rsh, rshd: IPv6 ability.
* src/rcp.c (family) [WITH_ORCMD_AF || WITH_RCMD_AF]:
diff --git a/libinetutils/shishi_def.h b/libinetutils/shishi_def.h
index 8a43b10..2351d34 100644
--- a/libinetutils/shishi_def.h
+++ b/libinetutils/shishi_def.h
@@ -37,6 +37,8 @@ typedef struct shishi_iv shishi_ivector;
struct auth_data
{
struct sockaddr_in from;
+ socklen_t fromlen;
+ char *hostaddr;
char *hostname;
char *lusername;
char *rusername;
diff --git a/src/rlogind.c b/src/rlogind.c
index 19dd6ab..b3451ef 100644
--- a/src/rlogind.c
+++ b/src/rlogind.c
@@ -145,6 +145,8 @@ extern int __check_rhosts_file;
struct auth_data
{
struct sockaddr_in from;
+ socklen_t fromlen;
+ char *hostaddr;
char *hostname;
char *lusername;
char *rusername;
@@ -481,6 +483,9 @@ rlogin_daemon (int maxchildren, int port)
size = sizeof saddr;
memset (&saddr, 0, size);
saddr.sin_family = AF_INET;
+#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
+ saddr.sin_len = sizeof (struct sockaddr_in);
+#endif
saddr.sin_addr.s_addr = htonl (INADDR_ANY);
saddr.sin_port = htons (port);
@@ -534,7 +539,12 @@ rlogin_daemon (int maxchildren, int port)
int
rlogind_auth (int fd, struct auth_data *ap)
{
+#if defined HAVE_DECL_GETNAMEINFO || defined HAVE_DECL_GETADDRINFO
+ int rc;
+ char hoststr[NI_MAXHOST];
+#else
struct hostent *hp;
+#endif
char *hostname;
int authenticated = 0;
@@ -545,24 +555,55 @@ rlogind_auth (int fd, struct auth_data *ap)
confirmed = 0;
/* Check the remote host name */
+#ifdef HAVE_DECL_GETNAMEINFO
+ rc = getnameinfo ((struct sockaddr *) &ap->from, ap->fromlen,
+ hoststr, sizeof (hoststr), NULL, 0, NI_NAMEREQD);
+ if (!rc)
+ hostname = hoststr;
+#else /* !HAVE_DECL_GETNAMEINFO */
hp = gethostbyaddr ((char *) &ap->from.sin_addr, sizeof (struct in_addr),
ap->from.sin_family);
if (hp)
hostname = hp->h_name;
+#endif /* !HAVE_DECL_GETNAMEINFO */
else if (reverse_required)
{
syslog (LOG_CRIT, "can't resolve remote IP address");
exit (EXIT_FAILURE);
}
else
- hostname = inet_ntoa (ap->from.sin_addr);
+ hostname = ap->hostaddr;
ap->hostname = strdup (hostname);
if (verify_hostname || in_local_domain (ap->hostname))
{
int match = 0;
+#if defined HAVE_DECL_GETADDRINFO && defined HAVE_DECL_GETNAMEINFO
+ struct addrinfo hints, *ai, *res;
+ char astr[INET6_ADDRSTRLEN];
+
+ memset (&hints, 0, sizeof (hints));
+ hints.ai_family = ap->from.sin_family;
+ hints.ai_socktype = SOCK_STREAM;
+ rc = getaddrinfo (ap->hostname, NULL, &hints, &res);
+ if (!rc)
+ {
+ for (ai = res; ai; ai = ai->ai_next)
+ {
+ rc = getnameinfo (ai->ai_addr, ai->ai_addrlen,
+ astr, sizeof (astr), NULL, 0,
+ NI_NUMERICHOST);
+ if (rc)
+ continue;
+ match = strcmp (astr, ap->hostaddr) == 0;
+ if (match)
+ break;
+ }
+ freeaddrinfo (res);
+ }
+#else /* !HAVE_DECL_GETADDRINFO */
for (hp = gethostbyname (ap->hostname); hp && !match; hp->h_addr_list++)
{
if (hp->h_addr_list[0] == NULL)
@@ -570,10 +611,11 @@ rlogind_auth (int fd, struct auth_data *ap)
match = memcmp (hp->h_addr_list[0], &ap->from.sin_addr,
sizeof (ap->from.sin_addr)) == 0;
}
+#endif /* !HAVE_DECL_GETADDRINFO */
if (!match)
{
syslog (LOG_ERR | LOG_AUTH, "cannot verify matching IP for %s (%s)",
- ap->hostname, inet_ntoa (ap->from.sin_addr));
+ ap->hostname, ap->hostaddr);
fatal (fd, "Permission denied", 0);
}
}
@@ -600,7 +642,7 @@ rlogind_auth (int fd, struct auth_data *ap)
port >= IPPORT_RESERVED || port < IPPORT_RESERVED / 2)
{
syslog (LOG_NOTICE, "Connection from %s on illegal port %d",
- inet_ntoa (ap->from.sin_addr), port);
+ ap->hostaddr, port);
fatal (fd, "Permission denied", 0);
}
#ifdef IP_OPTIONS
@@ -629,7 +671,7 @@ rlogind_auth (int fd, struct auth_data *ap)
{
syslog (LOG_NOTICE,
"Discarding connection from %s with set source
routing",
- inet_ntoa (ap->from.sin_addr));
+ ap->hostaddr);
exit (EXIT_FAILURE);
}
if (*cp == IPOPT_EOL)
@@ -751,24 +793,34 @@ exec_login (int authenticated, struct auth_data *ap)
int
rlogind_mainloop (int infd, int outfd)
{
- socklen_t size;
struct auth_data auth_data;
+ char addrstr[INET6_ADDRSTRLEN];
+ const char *reply;
int true;
char c;
int authenticated;
pid_t pid;
int master;
- memset (&auth_data, 0, sizeof auth_data);
- size = sizeof auth_data.from;
- if (getpeername (infd, (struct sockaddr *) &auth_data.from, &size) < 0)
+ memset (&auth_data, 0, sizeof (auth_data));
+ auth_data.fromlen = sizeof (auth_data.from);
+ if (getpeername (infd, (struct sockaddr *) &auth_data.from,
+ &auth_data.fromlen) < 0)
{
syslog (LOG_ERR, "Can't get peer name of remote host: %m");
fatal (outfd, "Can't get peer name of remote host", 1);
}
- syslog (LOG_INFO, "Connect from %s:%d",
- inet_ntoa (auth_data.from.sin_addr),
+ reply = inet_ntop (auth_data.from.sin_family, &auth_data.from.sin_addr,
+ addrstr, sizeof (addrstr));
+ if (reply == NULL)
+ {
+ syslog (LOG_ERR, "Get numerical address: %m");
+ fatal (outfd, "Cannot get numerical address of peer.", 1);
+ }
+ auth_data.hostaddr = xstrdup (addrstr);
+
+ syslog (LOG_INFO, "Connect from %s:%d", auth_data.hostaddr,
ntohs (auth_data.from.sin_port));
true = 1;
@@ -881,22 +933,35 @@ do_rlogin (int infd, struct auth_data *ap)
fatal (infd, "Permission denied", 0);
}
-#ifdef WITH_IRUSEROK
+#if defined WITH_IRUSEROK_SA || defined WITH_IRUSEROK_AF \
+ || defined WITH_IRUSEROK
+# ifdef WITH_IRUSEROK_SA
+ rc = iruserok_sa ((struct sockaddr *) &ap->from, ap->fromlen, 0,
+ ap->rusername, ap->lusername);
+# elif defined WITH_IRUSEROK_AF
+ rc = iruserok_af (&ap->from.sin_addr, 0, ap->rusername, ap->lusername,
+ ap->from.sin_family);
+# else /* WITH_IRUSEROK */
rc = iruserok (ap->from.sin_addr.s_addr, 0, ap->rusername, ap->lusername);
+# endif /* WITH_IRUSEROK_SA || WITH_IRUSEROK_AF || WITH_IRUSEROK */
if (rc)
syslog (LOG_ERR | LOG_AUTH,
"iruserok failed: rusername=%s, lusername=%s",
ap->rusername, ap->lusername);
-#elif defined WITH_RUSEROK
- rc = ruserok (inet_ntoa (ap->from.sin_addr), 0, ap->rusername,
- ap->lusername);
+#elif defined WITH_RUSEROK_AF || defined WITH_RUSEROK
+# ifdef WITH_RUSEROK_AF
+ rc = ruserok_af (ap->hostaddr, 0, ap->rusername, ap->lusername,
+ ap->from.sin_family);
+# else /* WITH_RUSEROK */
+ rc = ruserok (ap->hostaddr, 0, ap->rusername, ap->lusername);
+# endif /* WITH_RUSEROK_AF || WITH_RUSEROK */
if (rc)
syslog (LOG_ERR | LOG_AUTH,
"ruserok failed: rusername=%s, lusername=%s",
ap->rusername, ap->lusername);
-#else /* !WITH_IRUSEROK && !WITH_RUSEROK */
+#else /* !WITH_IRUSEROK* && !WITH_RUSEROK* */
#error Unable to use mandatory iruserok/ruserok. This should not happen.
-#endif /* !WITH_IRUSEROK && !WITH_RUSEROK */
+#endif /* !WITH_IRUSEROK* && !WITH_RUSEROK* */
return rc;
}
@@ -1116,7 +1181,7 @@ do_shishi_login (int infd, struct auth_data *ad, const
char **err_msg)
size_t compcksumlen;
char cksumdata[100];
struct sockaddr_in sock;
- size_t socklen = sizeof (struct sockaddr_in);
+ size_t socklen = sizeof (sock);
# ifdef ENCRYPTION
rc = get_auth (infd, &ad->h, &ad->ap, &ad->enckey, err_msg, &ad->protocol,
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=929d612adb27bc6a5aed4b4b5a3c5ba6ab975189
commit 929d612adb27bc6a5aed4b4b5a3c5ba6ab975189
Author: Mats Erik Andersson <address@hidden>
Date: Mon Jun 25 22:43:42 2012 +0200
rcp, rlogin, rsh, rshd: IPv6 ability.
diff --git a/ChangeLog b/ChangeLog
index c395d5b..d88857c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,51 @@
+2012-06-25 Mats Erik Andersson <address@hidden>
+
+ rcp, rlogin, rsh, rshd: IPv6 ability.
+
+ * src/rcp.c (family) [WITH_ORCMD_AF || WITH_RCMD_AF]:
+ New variable.
+ (options) [WITH_ORCMD_AF || WITH_RCMD_AF]: New options
+ `4/ipv4' and `6/ipv6'.
+ (parse_opt) [WITH_ORCMD_AF || WITH_RCMD_AF] <4, 6>:
+ Assign value AF_INET or AF_INET6 to `family'.
+ (toremote, kerberos) [WITH_ORCMD_AF || WITH_RCMD_AF]:
+ Replace AF_INET by `family' in orcmf_af() and rcmd_af().
+ (tolocal) [WITH_ORCMD_AF || WITH_RCMD_AF]: Likewise.
+ [!KERBEROS && WITH_ORCMD_AF]: Correction to conditional.
+ Call one of the rcmd() variants only if the macro KERBEROS
+ is not defined.
+
+ * src/rlogin.c (family) [WITH_ORCMD_AF || WITH_RCMD_AF]:
+ New variable.
+ (argp_options) [WITH_ORCMD_AF || WITH_RCMD_AF]: New
+ options `4/ipv4' and `6/ipv6'.
+ (parse_opt) [WITH_ORCMD_AF || WITH_RCMD_AF] <4, 6>:
+ Assign value AF_INET or AF_INET6 to `family'.
+ (main) [WITH_ORCMD_AF]: Call orcmd_af().
+ [WITH_RCMD_AF && !WITH_ORCMD_AF]: Call rcmd_af().
+ [WITH_ORCMD && !WITH_ORCMD_AF && !WITH_RCMD_AF]:
+ Call orcmd().
+
+ * src/rsh.c (family) [WITH_ORCMD_AF || WITH_RCMD_AF]:
+ New variable.
+ (options) [WITH_ORCMD_AF || WITH_RCMD_AF]: New options
+ `4/ipv4' and `6/ipv6'.
+ (parse_opt) [WITH_ORCMD_AF || WITH_RCMD_AF] <4, 6>:
+ Assign value AF_INET or AF_INET6 to `family'.
+ (main) [WITH_ORCMD_AF]: Use `family' in last argument
+ to orcmd_af().
+ [WITH_RCMD_AF]: Likewise for rcmd_af().
+
+ * src/rshd.c (main): New type `struct sockaddr_storage from'.
+ Cast &FROM as `struct sockaddr *' when calling doit().
+ (doit): New signature `(int, struct sockaddr *, socklen_t)'.
+ Adapt code to new parameter type `struct sockaddr * fromp',
+ using casts whenever needed. Check `fromp->sa_family'.
+ [WITH_IRUSEROK_AF && !WITH_PAM]: New variable FROMADDRP.
+ [KERBEROS || SHISHI]: Check for IPv4 only in this case.
+ <hostname validation> [HAVE_DECL_GETNAMEINFO]: Use the
+ flag NI_NAMEREQD.
+
2012-06-19 Mats Erik Andersson <address@hidden>
rshd: PAM session handling.
diff --git a/src/rcp.c b/src/rcp.c
index 0f8c114..f5d5e67 100644
--- a/src/rcp.c
+++ b/src/rcp.c
@@ -128,6 +128,9 @@ const char arg_doc[] = "SOURCE DEST\n"
int preserve_option;
int from_option, to_option;
int iamremote, iamrecursive, targetshouldbedirectory;
+#if defined WITH_ORCMD_AF || defined WITH_RCMD_AF
+sa_family_t family = AF_UNSPEC;
+#endif
static struct argp_option options[] = {
#define GRID 0
@@ -162,6 +165,14 @@ static struct argp_option options[] = {
{ "to", 't', NULL, 0,
"copying to remote host",
GRID+1 },
+#if defined WITH_ORCMD_AF || defined WITH_RCMD_AF
+ { "ipv4", '4', NULL, 0,
+ "use only IPv4",
+ GRID+1 },
+ { "ipv6", '6', NULL, 0,
+ "use only IPv6",
+ GRID+1 },
+#endif /* WITH_ORCMD_AF || WITH_RCMD_AF */
{ NULL }
};
@@ -170,6 +181,15 @@ parse_opt (int key, char *arg, struct argp_state *state)
{
switch (key)
{
+#if defined WITH_ORCMD_AF || defined WITH_RCMD_AF
+ case '4':
+ family = AF_INET;
+ break;
+ case '6':
+ family = AF_INET6;
+ break;
+#endif /* WITH_ORCMD_AF || WITH_RCMD_AF */
+
#ifdef KERBEROS
case 'K':
use_kerberos = 0;
@@ -432,11 +452,11 @@ toremote (char *targ, int argc, char *argv[])
#ifdef WITH_ORCMD_AF
rem = orcmd_af (&host, port, pwd->pw_name,
tuser ? tuser : pwd->pw_name,
- bp, 0, AF_INET);
+ bp, 0, family);
#elif defined WITH_RCMD_AF
rem = rcmd_af (&host, port, pwd->pw_name,
tuser ? tuser : pwd->pw_name,
- bp, 0, AF_INET);
+ bp, 0, family);
#elif defined WITH_ORCMD
rem = orcmd (&host, port, pwd->pw_name,
tuser ? tuser : pwd->pw_name, bp, 0);
@@ -507,11 +527,10 @@ tolocal (int argc, char *argv[])
rem =
#ifdef KERBEROS
use_kerberos ? kerberos (&host, bp, pwd->pw_name, suser) :
-#endif
-#ifdef WITH_ORCMD_AF
- orcmd_af (&host, port, pwd->pw_name, suser, bp, 0, AF_INET);
+#elif defined WITH_ORCMD_AF
+ orcmd_af (&host, port, pwd->pw_name, suser, bp, 0, family);
#elif defined WITH_RCMD_AF
- rcmd_af (&host, port, pwd->pw_name, suser, bp, 0, AF_INET);
+ rcmd_af (&host, port, pwd->pw_name, suser, bp, 0, family);
#elif defined WITH_ORCMD
orcmd (&host, port, pwd->pw_name, suser, bp, 0);
#else /* !WITH_ORCMD_AF && !WITH_RCMD_AF && !WITH_ORCMD */
@@ -1063,15 +1082,15 @@ again:
if (doencrypt)
error (EXIT_FAILURE, 0, "the -x option requires Kerberos
authentication");
# endif
-#ifdef WITH_ORCMD_AF
- rem = orcmd_af (host, port, locuser, user, bp, 0, AF_INET);
-#elif defined WITH_RCMD_AF
- rem = rcmd_af (host, port, locuser, user, bp, 0, AF_INET);
-#elif defined WITH_ORCMD
+# ifdef WITH_ORCMD_AF
+ rem = orcmd_af (host, port, locuser, user, bp, 0, family);
+# elif defined WITH_RCMD_AF
+ rem = rcmd_af (host, port, locuser, user, bp, 0, family);
+# elif defined WITH_ORCMD
rem = orcmd (host, port, locuser, user, bp, 0);
-#else /* !WITH_ORCMD_AF && !WITH_RCMD_AF && !WITH_ORCMD */
+# else /* !WITH_ORCMD_AF && !WITH_RCMD_AF && !WITH_ORCMD */
rem = rcmd (host, port, locuser, user, bp, 0);
-#endif
+# endif
}
return rem;
}
diff --git a/src/rlogin.c b/src/rlogin.c
index 2e5c5ba..d4f0171 100644
--- a/src/rlogin.c
+++ b/src/rlogin.c
@@ -178,6 +178,9 @@ int noescape;
char * host = NULL;
char * user = NULL;
unsigned char escapechar = '~';
+#if defined WITH_ORCMD_AF || defined WITH_RCMD_AF
+sa_family_t family = AF_UNSPEC;
+#endif
#ifdef OLDSUN
@@ -248,6 +251,10 @@ static struct argp_option argp_options[] = {
{"realm", 'k', "REALM", 0, "obtain tickets for the remote host in REALM "
"realm instead of the remote's realm", GRP+1},
#endif
+#if defined WITH_ORCMD_AF || defined WITH_RCMD_AF
+ { "ipv4", '4', NULL, 0, "use only IPv4" },
+ { "ipv6", '6', NULL, 0, "use only IPv6" },
+#endif
#undef GRP
{NULL}
};
@@ -257,6 +264,14 @@ parse_opt (int key, char *arg, struct argp_state *state)
{
switch (key)
{
+#if defined WITH_ORCMD_AF || defined WITH_RCMD_AF
+ case '4':
+ family = AF_INET;
+ break;
+ case '6':
+ family = AF_INET6;
+ break;
+#endif
/* 8-bit input Specifying this forces us to use RAW mode input from
the user's terminal. Also, in this mode we won't perform any
local flow control. */
@@ -550,14 +565,29 @@ try_connect:
if (!user)
user = pw->pw_name;
+# ifdef WITH_ORCMD_AF
+ rem = orcmd_af (&host, sp->s_port, pw->pw_name, user, term, 0, family);
+# elif defined WITH_RCMD_AF
+ rem = rcmd_af (&host, sp->s_port, pw->pw_name, user, term, 0, family);
+# elif defined WITH_ORCMD
+ rem = orcmd (&host, sp->s_port, pw->pw_name, user, term, 0);
+# else /* !WITH_ORCMD_AF && !WITH_RCMD_AF && !WITH_ORCMD */
rem = rcmd (&host, sp->s_port, pw->pw_name, user, term, 0);
+# endif
}
-#else
+#else /* !KERBEROS && !SHISHI */
if (!user)
user = pw->pw_name;
+# ifdef WITH_ORCMD_AF
+ rem = orcmd_af (&host, sp->s_port, pw->pw_name, user, term, 0, family);
+# elif defined WITH_RCMD_AF
+ rem = rcmd_af (&host, sp->s_port, pw->pw_name, user, term, 0, family);
+# elif defined WITH_ORCMD
+ rem = orcmd (&host, sp->s_port, pw->pw_name, user, term, 0);
+# else /* !WITH_ORCMD_AF && !WITH_RCMD_AF && !WITH_ORCMD */
rem = rcmd (&host, sp->s_port, pw->pw_name, user, term, 0);
-
+# endif
#endif /* KERBEROS */
if (rem < 0)
diff --git a/src/rsh.c b/src/rsh.c
index da3306f..aabc88f 100644
--- a/src/rsh.c
+++ b/src/rsh.c
@@ -96,6 +96,9 @@
int debug_option = 0;
int null_input_option = 0;
char *user = NULL;
+#if defined WITH_ORCMD_AF || defined WITH_RCMD_AF
+sa_family_t family = AF_UNSPEC;
+#endif
#if defined KERBEROS || defined SHISHI
int use_kerberos = 1, doencrypt;
@@ -154,6 +157,10 @@ static struct argp_option options[] = {
{ "encrypt", 'x', NULL, 0,
"encrypt all data using DES" },
#endif
+#if defined WITH_ORCMD_AF || defined WITH_RCMD_AF
+ { "ipv4", '4', NULL, 0, "use only IPv4" },
+ { "ipv6", '6', NULL, 0, "use only IPv6" },
+#endif
{ NULL }
};
@@ -162,6 +169,14 @@ parse_opt (int key, char *arg, struct argp_state *state)
{
switch (key)
{
+#if defined WITH_ORCMD_AF || defined WITH_RCMD_AF
+ case '4':
+ family = AF_INET;
+ break;
+ case '6':
+ family = AF_INET6;
+ break;
+#endif
case 'L': /* -8Lew are ignored to allow rlogin aliases */
case 'e':
case 'w':
@@ -446,9 +461,9 @@ try_connect:
if (doencrypt)
error (EXIT_FAILURE, 0, "the -x flag requires Kerberos authentication");
# ifdef WITH_ORCMD_AF
- rem = orcmd_af (&host, sp->s_port, pw->pw_name, user, args, &rfd2,
AF_INET);
+ rem = orcmd_af (&host, sp->s_port, pw->pw_name, user, args, &rfd2,
family);
# elif defined WITH_RCMD_AF
- rem = rcmd_af (&host, sp->s_port, pw->pw_name, user, args, &rfd2,
AF_INET);
+ rem = rcmd_af (&host, sp->s_port, pw->pw_name, user, args, &rfd2,
family);
# elif defined WITH_ORCMD
rem = orcmd (&host, sp->s_port, pw->pw_name, user, args, &rfd2);
# else /* !WITH_ORCMD_AF && !WITH_RCMD_AF && !WITH_ORCMD */
@@ -459,9 +474,9 @@ try_connect:
if (!user)
user = pw->pw_name;
# ifdef WITH_ORCMD_AF
- rem = orcmd_af (&host, sp->s_port, pw->pw_name, user, args, &rfd2, AF_INET);
+ rem = orcmd_af (&host, sp->s_port, pw->pw_name, user, args, &rfd2, family);
# elif defined WITH_RCMD_AF
- rem = rcmd_af (&host, sp->s_port, pw->pw_name, user, args, &rfd2, AF_INET);
+ rem = rcmd_af (&host, sp->s_port, pw->pw_name, user, args, &rfd2, family);
# elif defined WITH_ORCMD
rem = orcmd (&host, sp->s_port, pw->pw_name, user, args, &rfd2);
# else /* !WITH_ORCMD_AF && !WITH_RCMD_AF && !WITH_ORCMD */
diff --git a/src/rshd.c b/src/rshd.c
index 0979421..fe361cd 100644
--- a/src/rshd.c
+++ b/src/rshd.c
@@ -163,7 +163,7 @@ int check_all;
int log_success; /* If TRUE, log all successful accesses */
int sent_null;
-void doit (int, struct sockaddr_in *, socklen_t);
+void doit (int, struct sockaddr *, socklen_t);
void rshd_error (const char *, ...);
char *getstr (const char *);
int local_domain (const char *);
@@ -294,7 +294,7 @@ main (int argc, char *argv[])
struct linger linger;
int on = 1;
socklen_t fromlen;
- struct sockaddr_in from;
+ struct sockaddr_storage from;
int sockfd;
set_program_name (argv[0]);
@@ -354,7 +354,7 @@ main (int argc, char *argv[])
if (setsockopt (sockfd, SOL_SOCKET, SO_LINGER, (char *) &linger,
sizeof linger) < 0)
syslog (LOG_WARNING, "setsockopt (SO_LINGER): %m");
- doit (sockfd, &from, fromlen);
+ doit (sockfd, (struct sockaddr *) &from, fromlen);
return 0;
}
@@ -371,12 +371,11 @@ char *envinit[] = { homedir, shell, path, logname,
username, rhost, NULL };
extern char **environ;
void
-doit (int sockfd, struct sockaddr_in *fromp, socklen_t fromlen)
+doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
{
#ifdef HAVE___RCMD_ERRSTR
extern char *__rcmd_errstr; /* syslog hook from libc/net/rcmd.c. */
#endif
- struct hostent *hp;
#ifdef HAVE_GETPWNAM_R
char *pwbuf;
int ret, pwbuflen;
@@ -391,10 +390,15 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
char portstr[8], addrstr[INET6_ADDRSTRLEN];
#ifdef HAVE_DECL_GETNAMEINFO
char addrname[NI_MAXHOST];
+#else /* !HAVE_DECL_GETNAMEINFO */
+ struct hostent *hp;
#endif
const char *hostname, *errorstr, *errorhost = NULL;
char *cp, sig, buf[BUFSIZ];
char *cmdbuf, *locuser, *remuser;
+#if defined WITH_IRUSEROK_AF && !defined WITH_PAM
+ void * fromaddrp; /* Pointer to remote address. */
+#endif
#ifdef KERBEROS
AUTH_DAT *kdata = (AUTH_DAT *) NULL;
@@ -438,7 +442,7 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
#endif
#ifdef HAVE_DECL_GETNAMEINFO
- rc = getnameinfo ((struct sockaddr *) fromp, fromlen,
+ rc = getnameinfo (fromp, fromlen,
addrstr, sizeof (addrstr),
portstr, sizeof (portstr),
NI_NUMERICHOST | NI_NUMERICSERV);
@@ -449,18 +453,21 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
}
inport = atoi (portstr);
#else /* !HAVE_DECL_GETNAMEINFO */
- strncpy (addrstr, inet_ntoa (fromp->sin_addr), sizeof (addrstr));
- inport = ntohs (fromp->sin_port);
+ strncpy (addrstr, inet_ntoa (((struct sockaddr_in *) fromp)->sin_addr),
+ sizeof (addrstr));
+ inport = ntohs (((struct sockaddr_in *) fromp)->sin_port);
snprintf (portstr, sizeof (portstr), "%u", inport);
#endif
/* Verify that the client's address is an Internet adress. */
- if (fromp->sin_family != AF_INET)
+#if defined KERBEROS || defined SHISHI
+ if (fromp->sa_family != AF_INET)
{
syslog (LOG_ERR, "malformed originating address (af %d)\n",
- fromp->sin_family);
+ fromp->sa_family);
exit (EXIT_FAILURE);
}
+#endif
#ifdef IP_OPTIONS
{
unsigned char optbuf[BUFSIZ / 3], *cp;
@@ -575,7 +582,7 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
*/
int lport = IPPORT_RESERVED - 1;
#ifdef WITH_RRESVPORT_AF
- s = rresvport_af (&lport, fromp->sin_family);
+ s = rresvport_af (&lport, fromp->sa_family);
#else
s = rresvport (&lport);
#endif
@@ -597,8 +604,16 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
* client; just change the port# to the one specified
* as secondary port by the client.
*/
- fromp->sin_port = htons (port);
- if (connect (s, (struct sockaddr *) fromp, fromlen) < 0)
+ switch (fromp->sa_family)
+ {
+ case AF_INET6:
+ ((struct sockaddr_in6 *) fromp)->sin6_port = htons (port);
+ break;
+ case AF_INET:
+ default:
+ ((struct sockaddr_in *) fromp)->sin_port = htons (port);
+ }
+ if (connect (s, fromp, fromlen) < 0)
{
syslog (LOG_INFO, "connect second port %d: %m", port);
exit (EXIT_FAILURE);
@@ -626,8 +641,8 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
*/
errorstr = NULL;
#ifdef HAVE_DECL_GETNAMEINFO
- rc = getnameinfo ((struct sockaddr *) fromp, fromlen,
- addrname, sizeof (addrname), NULL, 0, 0);
+ rc = getnameinfo (fromp, fromlen, addrname, sizeof (addrname),
+ NULL, 0, NI_NAMEREQD);
if (rc == 0)
{
hostname = addrname;
@@ -640,7 +655,7 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
errorhost = addrname;
memset (&hints, 0, sizeof (hints));
- hints.ai_family = fromp->sin_family;
+ hints.ai_family = fromp->sa_family;
hints.ai_socktype = SOCK_STREAM;
rc = getaddrinfo (hostname, NULL, &hints, &res);
@@ -680,8 +695,17 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
}
}
#else /* !HAVE_DECL_GETNAMEINFO */
- hp = gethostbyaddr ((char *) &fromp->sin_addr, sizeof (struct in_addr),
- fromp->sin_family);
+ switch (fromp->sa_family)
+ {
+ case AF_INET6:
+ hp = gethostbyaddr ((void *) &((struct sockaddr_in6 *) fromp)->sin6_addr,
+ sizeof (struct in6_addr), fromp->sa_family);
+ break;
+ case AF_INET:
+ default:
+ hp = gethostbyaddr ((void *) &((struct sockaddr_in *) fromp)->sin_addr,
+ sizeof (struct in_addr), fromp->sa_family);
+ }
if (hp)
{
/*
@@ -725,8 +749,10 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
break;
}
if (!memcmp (hp->h_addr_list[0],
- (caddr_t) & fromp->sin_addr,
- sizeof fromp->sin_addr))
+ (fromp->sa_family == AF_INET6)
+ ? (void *) & ((struct sockaddr_in6 *)
fromp)->sin6_addr
+ : (void *) & ((struct sockaddr_in *)
fromp)->sin_addr,
+ hp->h_length))
{
hostname = strdup (hp->h_name);
break; /* equal, OK */
@@ -881,6 +907,7 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
/* verify checksum */
/* Doesn't give socket port ?
+ socklen = sizeof (sock);
if (getsockname (STDIN_FILENO, (struct sockaddr *)&sock, &socklen) < 0)
{
syslog (LOG_ERR, "Can't get sock name");
@@ -1051,17 +1078,26 @@ doit (int sockfd, struct sockaddr_in *fromp, socklen_t
fromlen)
&& (iruserok_sa ((void *) fromp, fromlen,
pwd->pw_uid == 0, remuser, locuser)) < 0))
# elif defined WITH_IRUSEROK_AF
+ switch (fromp->sa_family)
+ {
+ case AF_INET6:
+ fromaddrp = (void *) &((struct sockaddr_in6 *) fromp)->sin6_addr;
+ break;
+ case AF_INET:
+ default:
+ fromaddrp = (void *) &((struct sockaddr_in *) fromp)->sin_addr;
+ }
if (errorstr || (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0'
- && (iruserok_af (&fromp->sin_addr, pwd->pw_uid == 0,
- remuser, locuser, fromp->sin_family)) < 0))
+ && (iruserok_af (fromaddrp, pwd->pw_uid == 0,
+ remuser, locuser, fromp->sa_family)) < 0))
# elif defined WITH_IRUSEROK
if (errorstr || (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0'
- && (iruserok (fromp->sin_addr.s_addr, pwd->pw_uid == 0,
- remuser, locuser)) < 0))
+ && (iruserok (((struct sockaddr_in *)
fromp)->sin_addr.s_addr,
+ pwd->pw_uid == 0, remuser, locuser)) < 0))
# elif defined WITH_RUSEROK_AF
if (errorstr || (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0'
&& (ruserok_af (addrstr, pwd->pw_uid == 0,
- remuser, locuser, fromp->sin_family)) < 0))
+ remuser, locuser, fromp->sa_family)) < 0))
# elif defined WITH_RUSEROK
if (errorstr || (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0'
&& (ruserok (addrstr, pwd->pw_uid == 0,
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 75 ++++++++++++++++++++++++++++++++++
libinetutils/shishi_def.h | 2 +
src/rcp.c | 45 ++++++++++++++------
src/rlogin.c | 34 ++++++++++++++-
src/rlogind.c | 99 +++++++++++++++++++++++++++++++++++++--------
src/rsh.c | 23 +++++++++--
src/rshd.c | 86 +++++++++++++++++++++++++++-----------
7 files changed, 303 insertions(+), 61 deletions(-)
hooks/post-receive
--
GNU Inetutils
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-120-g3e80d3a,
Mats Erik Andersson <=