RepoMirrors
/
openssh
mirror of git://anongit.mindrot.org/openssh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- jakob@cvs.openbsd.org 2005/04/20 10:05:45 

[dns.c]
     do not try to look up SSHFP for numerical hostname. ok djm@
This commit is contained in:
Damien Miller 2005-05-26 12:03:31 +10:00
parent 3dc967e17b
commit a31c929f36
2 changed files with 31 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -20,6 +20,9 @@
[ssh.1] [ssh.1]
arg to -b is an address, not if_name; arg to -b is an address, not if_name;
ok markus@ ok markus@
- jakob@cvs.openbsd.org 2005/04/20 10:05:45
[dns.c]
do not try to look up SSHFP for numerical hostname. ok djm@
20050524 20050524
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
@ -2519,4 +2522,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.3766 2005/05/26 02:03:15 djm Exp $ $Id: ChangeLog,v 1.3767 2005/05/26 02:03:31 djm Exp $

29
dns.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $ */ /* $OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $ */
/* /*
* Copyright (c) 2003 Wesley Griffin. All rights reserved. * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@ -43,7 +43,7 @@
#include "uuencode.h" #include "uuencode.h"
extern char *__progname; extern char *__progname;
RCSID("$OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $"); RCSID("$OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $");
#ifndef LWRES #ifndef LWRES
static const char *errset_text[] = { static const char *errset_text[] = {
@ -142,6 +142,26 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
return success; return success;
} }
/*
* Check if hostname is numerical.
* Returns -1 if hostname is numeric, 0 otherwise
*/
static int
is_numeric_hostname(const char *hostname)
{
struct addrinfo hints, *ai;
memset(&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_DGRAM;
hints.ai_flags = AI_NUMERICHOST;
if (getaddrinfo(hostname, "0", &hints, &ai) == 0) {
freeaddrinfo(ai);
return -1;
}
return 0;
}
/* /*
* Verify the given hostname, address and host key using DNS. * Verify the given hostname, address and host key using DNS.
@ -171,6 +191,11 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
if (hostkey == NULL) if (hostkey == NULL)
fatal("No key to look up!"); fatal("No key to look up!");
if (is_numeric_hostname(hostname)) {
debug("skipped DNS lookup for numerical hostname");
return -1;
}
result = getrrsetbyname(hostname, DNS_RDATACLASS_IN, result = getrrsetbyname(hostname, DNS_RDATACLASS_IN,
DNS_RDATATYPE_SSHFP, 0, &fingerprints); DNS_RDATATYPE_SSHFP, 0, &fingerprints);
if (result) { if (result) {